292 matches found
CVE-2025-61649
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f110651b6af4f41d2d11ae7309...
CVE-2025-67478 Wrong E-Mail address composition for usernames with a comma and Umlauts in it like "Döe, Jähn"
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-67478
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-67478
CVE-2025-67478: In Wikimedia Foundation CheckUser (includes/Mail/UserMailer.Php), commas in RFC 2822 style headers were not escaped, allowing downstream misinterpretation as value separators. Affected: MediaWiki/CheckUser components implicated by the CVE; Debian/Ubuntu advisories map this CVE to ...
EUVD-2025-206755
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-67478 Wrong E-Mail address composition for usernames with a comma and Umlauts in it like "Döe, Jähn"
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-61658 Special:GlobalContributions shows edits on wikis the viewer doesn't have access to
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...
CVE-2025-61658
CVE-2025-61658 pertains to Wikimedia Foundation CheckUser. The vulnerability is tied to the GlobalContributionsPager.Php component and affects CheckUser versions prior to 1.43.4 and 1.44.1. From the connected records, the issue is documented across NVD, Red Hat, CVE listings, and other feeds, wit...
CVE-2025-61658
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...
EUVD-2025-206654
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...
CVE-2025-61658 Special:GlobalContributions shows edits on wikis the viewer doesn't have access to
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...
CVE-2025-61651
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. This issue affects CheckUser: from...
EUVD-2025-206637
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. This issue affects CheckUser: from...
CVE-2025-61651 i18n XSS through Special:CheckUser CheckUser helper
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. This issue affects CheckUser: from...
CVE-2025-61651
CVE-2025-61651 is an XSS vulnerability in Wikimedia Foundation CheckUser, caused by improper neutralization of input during web page generation in the file modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. The issue affects CheckUser from variants before version 1.44.1. Public ...
CVE-2025-61651 i18n XSS through Special:CheckUser CheckUser helper
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. This issue affects CheckUser: from...
CVE-2025-61648 Stored XSS through system messages in CheckUser
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/ShowIPButton.Vue,...
EUVD-2025-206640
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/ShowIPButton.Vue,...
CVE-2025-61648
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/ShowIPButton.Vue,...
CVE-2025-61648
CVE-2025-61648 is a Cross-Site Scripting (XSS) vulnerability in Wikimedia Foundation CheckUser. Affected components are the front-end scripts ShowIPButton.Vue and the back-end Admin/Block logic in SpecialBlock.Js. The issue arises from improper neutralization of input during web page generation. ...