CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/07/10 5:18 p.m.•3 views

CVE-2025-53479

The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism. This issue affects Mediawiki -...

5.4CVSS5.9AI score0.0017EPSS

Exploits0References1

RedhatCVE•added 2025/07/09 3:14 p.m.•3 views

CVE-2025-53486

The WikiCategoryTagCloud extension is vulnerable to reflected XSS via the linkstyle attribute, which is improperly concatenated into inline HTML without escaping. An attacker can inject JavaScript event handlers such as onmouseenter using carefully crafted input via the tag:tagcloud parser...

5.4CVSS6AI score0.00244EPSS

Exploits0References1

CNNVD•added 2025/07/02 12:0 a.m.•2 views

Wikimedia Mediawiki - MintyDocs Extension 安全漏洞

Wikimedia Mediawiki - MintyDocs Extension is a document creation and management extension from the Wikimedia Foundation. A security vulnerability exists in Wikimedia Mediawiki - MintyDocs Extension that stems from improper input neutralization and could lead to a stored cross-site scripting attac...

6.5CVSS5.8AI score0.0023EPSS

Exploits1References2

CNNVD•added 2025/07/02 12:0 a.m.•2 views

Wikimedia Mediawiki - MintyDocs Extension 安全漏洞

3.7CVSS5.8AI score0.00239EPSS

Exploits0References2

CNNVD•added 2025/01/10 12:0 a.m.•2 views

Mediawiki ArticleFeedback 安全漏洞

Mediawiki ArticleFeedback is a Mediawiki extension from the Wikimedia Foundation USA. A security vulnerability exists in Mediawiki ArticleFeedback version 1.42.X, prior to version 1.42.2, which stems from improper input neutralization during page generation and is vulnerable to cross-site scripti...

6.1CVSS6AI score0.00226EPSS

Exploits0References2

Positive Technologies•added 2025/01/10 12:0 a.m.•2 views

PT-2025-4809 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - ArticleFeedbackv5 versions 1.42.X through 1.42.2 Description: The issue is related to improper neutralization of input during web page generation, allowing Cross-Site Scripting XSS. This enables attackers to inject malicious scrip...

6.1CVSS6.7AI score0.00226EPSS

Exploits0References5

OSV•added 2024/10/05 2:15 a.m.•5 views

CVE-2024-47841

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9...

7.5CVSS5.8AI score0.34179EPSS

Exploits1References3

NVD•added 2024/10/05 12:15 a.m.•20 views

CVE-2024-47848

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - PageTriage allows Authentication Bypass.This issue affects Mediawiki - PageTriage: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...

6.9CVSS0.00502EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by