20 matches found
CVE-2026-39838
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements. The issue has been remediated on the master branch, and in the release branches for MediaWiki...
CVE-2026-39838
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements.This issue affects...
CVE-2026-39838
CVE-2026-39838 affects the Wikimedia Foundation MediaWiki ProofreadPage extension . The flaw is due to improper neutralization of input during web page generation , enabling cross-site scripting (XSS) targeting Non-Script Elements. The CVE record notes the issue is tied to the ProofreadPage’s han...
CVE-2026-39838 ProofreadPage improperly sanitizes multiline styles using Sanitizer::checkCSS
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements. The issue has been remediated on the master branch, and in the release branches for MediaWiki...
MediaWiki - ProofreadPage Extension 安全漏洞
MediaWiki - ProofreadPage Extension is an open-source documentation comparison plugin for MediaWiki. The MediaWiki - ProofreadPage Extension has a security vulnerability, which stems from improper input during page generation. This vulnerability may lead to cross-site scripting attacks targeting...
PT-2026-30991
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements.This issue affects...
CVE-2026-0670
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting XSS.This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-0670
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting XSS.This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-0670 Stored XSS through a system message and a user-provided parameter in ProofreadPage
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting XSS.This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-0670
CVE-2026-0670 is a Cross-Site Scripting (XSS) vulnerability in the Wikimedia Foundation MediaWiki ProofreadPage Extension. The issue stems from improper input neutralization during web page generation and affects ProofreadPage Extension versions 1.39, 1.43, 1.44, and 1.45. Remediation guidance fr...
PT-2026-1966
Name of the Vulnerable Software and Affected Versions MediaWiki - ProofreadPage Extension versions 1.39 through 1.45 Description The MediaWiki - ProofreadPage Extension contains a flaw related to improper input neutralization during web page generation, leading to a Cross-Site Scripting XSS issue...
MediaWiki - ProofreadPage Extension 安全漏洞
MediaWiki - ProofreadPage Extension is an open source document cross-referencing plugin for MediaWiki. A security vulnerability exists in MediaWiki - ProofreadPage Extension versions 1.45, 1.44, 1.43, and 1.39, which stems from improper input neutralization and could lead to a cross-site scriptin...
EUVD-2023-49665
Malicious code in bioql PyPI...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
The vulnerability of the ProofreadPage extension, a software tool for implementing a hypertext environment like MediaWiki, allows a hacker to carry out cross-site scripting attacks.
The vulnerability of the ProofreadPage extension, a software tool for implementing the MediaWiki hypertext environment, exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attac...
CVE-2023-45373
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
CVE-2023-45373
An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators...
MediaWiki Cross-Site Scripting Vulnerability
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki, which stems from a cross-site scripting attack by t...
PT-2023-8946 · Mediawiki +2 · Mediawiki Proofreadpage Extension +2
Name of the Vulnerable Software and Affected Versions: MediaWiki ProofreadPage extension versions prior to 1.35.12 MediaWiki ProofreadPage extension versions 1.36.x through 1.39.x before 1.39.5 MediaWiki ProofreadPage extension versions 1.40.x before 1.40.1 Description: The issue exists due to a...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...