3 matches found
CVE-2025-62667 Stored XSS through article extracts in GrowthExperiments
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Stored XSS.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39...
CVE-2025-62667 Stored XSS through article extracts in GrowthExperiments
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Stored XSS.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39...
CVE-2025-62667
CVE-2025-62667 is a stored XSS vulnerability in the MediaWiki GrowthExperiments Extension. The issue arises from improper neutralization of user-supplied input during web page generation, allowing injected scripts/HTML via the extension’s handling of article extracts. Affected component: GrowthEx...