CVE-2026-39934 Growth Experiments ReassignMenteesJob runs as an infinite loop

Loop with unreachable exit condition 'infinite loop' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use TOCTOU Race Conditions. This issue was remediated only on the master branch...

CVE-2026-22713

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - GrowthExperiments Extension: 1.45, 1.44, 1.43, 1.39...

CVE-2026-22713

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - GrowthExperiments Extension: 1.45, 1.44, 1.43, 1.39...

CVE-2026-22713

The CVE concerns the Wikimedia Foundation MediaWiki GrowthExperiments Extension, where a Cross-Site Scripting (XSS) vulnerability arises from improper neutralization of input during web page generation, exposed through edit summaries. Affected versions are 1.39–1.45. The confirmed impact is XSS i...

Mediawiki - GrowthExperiments Extension Default Permission Error Vulnerability

Mediawiki - GrowthExperiments Extension is an extension to MediaWiki designed to increase new user engagement and the quality of content contributions through a task system, a recommendation mechanism and a mentor feature. A default permission error vulnerability exists in Mediawiki -...

CVE-2025-62661

A flaw was found in the Thanks and Growth Experiments extensions in Mediawiki. Improper default permissions allows users to access functionality that are not correctly constrained by ACLs...

CVE-2025-62661

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension:...

CVE-2025-62661 Do permission checking when getting counts of global and local edits, new articles and thanks

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension:...

EUVD-2025-35215

Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension:...

CVE-2025-62661

The CVE-2025-62661 issue targets Wikimedia Foundation MediaWiki extensions (Thanks Extension and Growth Experiments Extension). The root cause is incorrect default permissions that allow access to functionality not properly constrained by ACLs. Affected products include the Thanks Extension and G...

MediaWiki - Thanks Extension和MediaWiki - Growth Experiments Extension 安全漏洞

MediaWiki - Thanks Extension and MediaWiki - Growth Experiments Extension are both open source MediaWiki products.MediaWiki - Thanks Extension is a thanks extension.MediaWiki - Growth Experiments Extension is a web extension. A security vulnerability exists in MediaWiki - Thanks Extension and...

CVE-2025-62667

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Stored XSS.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39...

Mediawiki - GrowthExperiments Extension 安全漏洞

Mediawiki - GrowthExperiments Extension is an extension to MediaWiki designed to increase new user engagement and the quality of content contributions through a task system, a recommendation mechanism and a mentor feature. A cross-site scripting vulnerability exists in Mediawiki - GrowthExperimen...

EUVD-2025-10825

Malicious code in bioql PyPI...

CVE-2025-32067

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43...

CVE-2025-32067

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43...

CVE-2025-32067 i18n XSS vulnerability in message growthexperiments

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43...

CVE-2025-32067 i18n XSS vulnerability in message growthexperiments

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43...

CVE-2025-32067

The CVE-2025-32067 entry concerns the Wikimedia Foundation MediaWiki Growth Experiments Extension, with an underlying issue of improper input validation that enables Cross-Site Scripting (XSS). Affected versions are 1.39 through 1.43. Public references from multiple feeds (Red Hat, NVD, CVE List,...

MediaWiki 输入验证错误漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the Wikimedia USA Foundation. The product can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki - Growth Experiments Extension versions 1.39...