5 matches found
CVE-2025-67481
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from before 1.39.1...
CVE-2025-67481 mw.message(…).parse() doesn't output safe HTML, but it's being used as if it does
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from before 1.39.1...
CVE-2025-67481
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from before 1.39.1...
CVE-2025-67481
CVE-2025-67481 is an XSS in MediaWiki related to client-side messages (mediawiki.JqueryMsg.Js) where improper input neutralization affects certain MediaWiki versions (pre-1.39.16, 1.43.6, 1.44.3, 1.45.1). Public references in multiple feeds (NVD, Debian OSV, UBUNTU OSV, EUVD) corroborate an input...
Debian: Security Advisory (DLA-4428-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...