Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2025/06/20 12:0 a.m.4 views

MediaWiki >= 2.4.2 < 3.3.1 Multiple Vulnerabilities

MediaWiki is prone to multiple vulnerabilities. Note: This VT has been deprecated as it had targeted the wrong product. It is therefore no longer functional. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

6.5CVSS7.2AI score0.0035EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2025/06/14 7:21 p.m.7 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

6.5CVSS6.2AI score0.00345EPSS
Exploits1References1
NVD
NVD
added 2025/06/12 7:15 p.m.8 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

6.5CVSS0.00345EPSS
Exploits1References3
OSV
OSV
added 2025/06/12 6:50 p.m.5 views

CVE-2025-49579 Citizen allows stored XSS in menu heading message

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

6.5CVSS6.5AI score0.00345EPSS
Exploits1References5
CVE
CVE
added 2025/06/12 6:50 p.m.48 views

CVE-2025-49579

CVE-2025-49579 affects the Citizen MediaWiki skin. The vulnerability arises because all system messages in Menu.mustache are inserted as raw HTML, enabling stored XSS when a user with editinterface but lacking editsitejs can edit messages. Affected versions are prior to Citizen 3.3.1, with fixed ...

6.5CVSS6.3AI score0.00345EPSS
Exploits1References3Affected Software1
Circl
Circl
added 2025/06/11 11:3 p.m.5 views

CVE-2025-49579

creationtimestamp| type| source ---|---|--- 2025-06-11 23:03:32+00:00| published-proof-of-concept| https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-g3cp-pq72-hjpv 2025-06-12 19:33:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18216...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References2
Rows per page
Query Builder