292 matches found
CVE-2025-53480
The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders...
CVE-2025-53478
The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the “IPs and User agents” tab. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X befor...
CVE-2025-53479
The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism. This issue affects Mediawiki -...
CVE-2025-53479 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:CheckUser via unsanitized internationalized message
The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism. This issue affects Mediawiki -...
CVE-2025-53479 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:CheckUser via unsanitized internationalized message
The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism. This issue affects Mediawiki -...
CVE-2025-53479
The CVE-2025-53479 entry concerns the MediaWiki CheckUser extension. Affected: Special:CheckUser interface; vulnerable in the rev-deleted-user message where the content is rendered without proper escaping, enabling reflected XSS via the uselang=x-xss language override mechanism. Affected versions...
CVE-2025-53480
The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders...
CVE-2025-53480 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages
The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders...
CVE-2025-53480 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages
The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders...
CVE-2025-53480
The CVE-2025-53480 issue affects the MediaWiki CheckUser extension on the Special:Investigate page, Account information tab. Root cause: specific internationalized messages are rendered without proper escaping, enabling reflected XSS when an attacker appends ?uselang=x-xss to the URL. Affected ve...
PT-2025-28632 · Mediawiki · Mediawiki
Name of the Vulnerable Software and Affected Versions: MediaWiki - CheckUser extension versions 1.39.X through 1.39.13 MediaWiki - CheckUser extension versions 1.42.X through 1.42.7 MediaWiki - CheckUser extension versions 1.43.X through 1.43.2 Description: The Special:CheckUser interface is...
PT-2025-28474 · Mediawiki · Mediawiki
Name of the Vulnerable Software and Affected Versions: Mediawiki - CheckUser extension versions 1.39.0 through 1.39.12 Mediawiki - CheckUser extension versions 1.42.0 through 1.42.6 Mediawiki - CheckUser extension versions 1.43.0 through 1.43.1 Description: The issue is related to the rendering o...
Wikimedia Mediawiki - CheckUser Extension 安全漏洞
Wikimedia Mediawiki - CheckUser Extension is a Wikimedia Foundation extension for checking IP addresses. A security vulnerability exists in Wikimedia Mediawiki - CheckUser Extension, which stems from a specific internationalization message in the Account information tab that is not properly...
Wikimedia Mediawiki - CheckUser Extension 安全漏洞
Wikimedia Mediawiki - CheckUser Extension is a Wikimedia Foundation extension for querying IP addresses. A security vulnerability exists in Wikimedia Mediawiki - CheckUser Extension that stems from a rev-deleted-user message that is not properly escaped, which could lead to a reflected cross-site...
CVE-2025-53478
The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the “IPs and User agents” tab. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X befor...
CVE-2025-53478
The CVE-2025-53478 issue affects the MediaWiki CheckUser extension, specifically the Special:Investigate interface. It is a reflected XSS flaw caused by improper escaping of internationalized system messages rendered on the “IPs and User agents” tab. Affected versions include 1.39.x before 1.39.1...
CVE-2025-53478 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate via unsanitized i18n messages
The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the “IPs and User agents” tab. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X befor...
CVE-2025-53478 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate via unsanitized i18n messages
The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the “IPs and User agents” tab. This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X befor...
PT-2025-28243 · Mediawiki · Mediawiki
Name of the Vulnerable Software and Affected Versions: Mediawiki - CheckUser extension versions 1.39.0 through 1.39.12 Mediawiki - CheckUser extension versions 1.42.0 through 1.42.6 Mediawiki - CheckUser extension versions 1.43.0 through 1.43.1 Description: The CheckUser extension’s...
Wikimedia Mediawiki - CheckUser Extension 安全漏洞
Wikimedia Mediawiki - CheckUser Extension is a Wikimedia Foundation extension for checking IP addresses. A security vulnerability exists in Wikimedia Mediawiki - CheckUser Extension versions prior to 1.39.13, prior to 1.42.7, and prior to 1.43.2, which stems from improperly escaping messages in t...