Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/07/08 2:58 p.m.9 views

CVE-2025-53480 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages

The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders...

0.0017EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/08 2:58 p.m.3 views

CVE-2025-53480 CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages

The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders...

6AI score0.0017EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/07 12:0 a.m.5 views

MediaWiki Security Breach

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki versions prior to 1.42.1, which stems from a...

4.3CVSS6.5AI score0.00332EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.6 views

PT-2024-28932 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: The Special:Investigate feature can expose suppressed information for log events due to the TimelineService not supporting proper suppression. Recommendations: For versions...

4.3CVSS7AI score0.00332EPSS
Exploits0References10
Rows per page
Query Builder