Lucene search
K

57 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.11 views

CVE-2026-39841

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.4AI score0.00158EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.9 views

CVE-2026-39840

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.1CVSS5.4AI score0.00158EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/07 9:32 p.m.1 views

EUVD-2026-19927

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.9AI score0.00189EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/07 9:32 p.m.2 views

EUVD-2026-19929

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

5.1CVSS5.9AI score0.00158EPSS
Exploits1References3
NVD
NVD
added 2026/04/07 8:16 p.m.2 views

CVE-2026-39841

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS0.00158EPSS
Exploits1References2
NVD
NVD
added 2026/04/07 8:16 p.m.7 views

CVE-2026-39840

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.1CVSS0.00158EPSS
Exploits1References2
NVD
NVD
added 2026/04/07 8:16 p.m.4 views

CVE-2026-39839

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS0.00181EPSS
Exploits1References3
CVE
CVE
added 2026/04/07 7:47 p.m.11 views

CVE-2026-39837

CVE-2026-39837 is a stored XSS vulnerability in the WikiWorks MediaWiki – Cargo Extension affecting versions before 3.8.7. The issue stems from the improper neutralization of Script-Related HTML tags in a web page, enabling stored cross-site scripting. The connected records do not provide explici...

6.3CVSS5.9AI score0.00189EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/07 7:47 p.m.2 views

CVE-2026-39837 Stored XSS through the dynamic table format in Cargo

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.9AI score0.00189EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/07 7:47 p.m.15 views

CVE-2026-39837 Stored XSS through the dynamic table format in Cargo

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS0.00189EPSS
Exploits1References2
CVE
CVE
added 2026/04/07 7:43 p.m.12 views

CVE-2026-39841

The CVE-2026-39841 vulnerability is a Stored XSS in the MediaWiki Cargo Extension (pre-3.8.7) due to improper neutralization of Script-Related HTML tags in list fields on Cargo pages and Special:CargoTables. This affects how Cargo handles page values, allowing injected scripts to be stored and po...

6.3CVSS5.9AI score0.00158EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:43 p.m.3 views

CVE-2026-39841

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.9AI score0.00158EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:35 p.m.2 views

CVE-2026-39840

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

5.1CVSS5.9AI score0.00158EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/07 7:35 p.m.2 views

CVE-2026-39840 CSS injection in multiple Cargo display formats

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

5.1CVSS5.9AI score0.00158EPSS
Exploits1References2
CVE
CVE
added 2026/04/07 7:35 p.m.14 views

CVE-2026-39840

The CVE-2026-39840 issue affects Wikimedia Foundation MediaWiki’s Cargo Extension (before version 3.8.7). It is caused by improper neutralization of input during web page generation, enabling cross-site scripting (XSS) that targets non-script elements. Impact is user-side script execution with th...

6.1CVSS5.9AI score0.00158EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/04/07 7:29 p.m.9 views

CVE-2026-39839

CVE-2026-39839 affects Wikimedia Foundation MediaWiki Cargo Extension prior to 3.8.7. It is a Stored XSS vulnerability caused by improper neutralization of Script-Related HTML tags in a web page, exploitable via map format URLs stored by the extension. The impact is stored XSS with potential user...

6.3CVSS5.9AI score0.00181EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:29 p.m.2 views

CVE-2026-39839

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.9AI score0.00181EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

MediaWiki - Cargo Extension 安全漏洞

MediaWiki – Cargo Extension is an open-source plugin for querying and storing data in MediaWiki. Versions of MediaWiki – Cargo Extension prior to 3.8.7 contained security vulnerabilities. These vulnerabilities were due to improper handling of script-related HTML tags, which could lead to stored-x...

6.3CVSS5.8AI score0.00181EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.7 views

MediaWiki - Cargo Extension 安全漏洞

MediaWiki - Cargo Extension is an open-source plugin for querying and storing data in MediaWiki. Versions of MediaWiki - Cargo Extension prior to 3.8.7 contained security vulnerabilities, which were caused by improper handling of script-related HTML tags. These vulnerabilities could lead to...

6.3CVSS5.8AI score0.00158EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.3 views

PT-2026-31013

Improper neutralization of Script-Related HTML tags in a web page basic XSS vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7...

6.3CVSS5.9AI score0.00158EPSS
Exploits1References4
Rows per page
Query Builder