UBUNTU-CVE-2025-67475

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6,...

CVE-2025-67475

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6,...

Wikimedia MediaWiki 安全漏洞

Wikimedia MediaWiki is a web application developed by the Wikimedia Foundation for building Wiki websites. Versions of MediaWiki prior to 1.39.16, 1.43.6, 1.44.3, and 1.45.1 contained security vulnerabilities due to improper handling of inputs in the includes/CommentFormatter/CommentParser.Php...

Cross-site Scripting (XSS)

MediaWiki is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to mishandling of the 0x1b character in includes/CommentFormatter/CommentParser.php, as demonstrated by Special:RecentChanges%1b0000000...

UBUNTU-CVE-2024-34507

An issue was discovered in includes/CommentFormatter/CommentParser.php in MediaWiki before 1.39.7, 1.40.x before 1.40.3, and 1.41.x before 1.41.1. XSS can occur because of mishandling of the 0x1b character, as demonstrated by Special:RecentChanges%1b0000000...

CVE-2024-34507

An issue was discovered in includes/CommentFormatter/CommentParser.php in MediaWiki before 1.39.7, 1.40.x before 1.40.3, and 1.41.x before 1.41.1. XSS can occur because of mishandling of the 0x1b character, as demonstrated by Special:RecentChanges%1b0000000...