20 matches found
CVE-2026-39935
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS. This issue was remediated only on the master branch...
EUVD-2026-19980
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: 1.43.7, 1.44.4, 1.45.2...
CVE-2026-39935 XSS-via-i18n in localised wiki names
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS. This issue was remediated only on the master branch...
CVE-2026-39935 XSS-via-i18n in localised wiki names
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS. This issue was remediated only on the master branch...
MediaWiki CampaignEvents Extension 安全漏洞
The MediaWiki CampaignEvents Extension is an open-source extension for managing wiki events in MediaWiki. Versions 1.43.7, 1.44.4, and 1.45.2 of the MediaWiki CampaignEvents Extension contain security vulnerabilities. These vulnerabilities stem from improper handling of inputs during page...
PT-2026-31044
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: 1.43.7, 1.44.4, 1.45.2...
CVE-2026-0817
Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-0817
Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-0817
Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-0817
CVE-2026-0817 concerns the Wikimedia Foundation MediaWiki - CampaignEvents extension. The vulnerability is described as a missing authorization issue that could allow privilege abuse in CampaignEvents API. Affected versions are 1.39, 1.43, 1.44, and 1.45. The connected Red Hat/NVD entries corrobo...
CVE-2026-0817 CampaignEvents API missing authorization exposes meeting and chat URLs
Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39...
EUVD-2024-20690
Malicious code in bioql PyPI...
CVE-2025-53490
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2...
CVE-2025-53490
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2...
CVE-2025-53490
CVE-2025-53490 concerns the Wikimedia Foundation MediaWiki CampaignEvents Extension (versions 1.43.X up to 1.43.1) where an improper neutralization of input during web page generation enables Cross-Site Scripting (XSS). The entry states vulnerable component as the CampaignEvents Extension and fix...
CVE-2025-53490 Multiple XSS in CampaignEvents
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2...
CVE-2025-53490 Multiple XSS in CampaignEvents
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2...
Wikimedia Mediawiki CampaignEvents Extension 安全漏洞
Wikimedia Mediawiki CampaignEvents Extension is a Wikimedia Foundation extension for wiki projects. A security vulnerability exists in Wikimedia Mediawiki CampaignEvents Extension 1.43.2 prior to version 1.43.x. The vulnerability stems from improper input neutralization and could lead to cross-si...
CVE-2024-23171
An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization i18n...
CVE-2024-23171
An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization i18n...