5 matches found
CVE-2026-22713
The CVE-2026-22713 issue affects MediaWiki - GrowthExperiments Extension versions 1.39, 1.43, 1.44, and 1.45, where improper neutralization of input during web page generation enables Cross-Site Scripting (XSS). The vulnerability stems from how edit summaries are processed, allowing injected scri...
PT-2026-2258
Name of the Vulnerable Software and Affected Versions Mediawiki - GrowthExperiments Extension versions 1.39 through 1.45 Description The Wikimedia Foundation Mediawiki - GrowthExperiments Extension is susceptible to a Cross-Site Scripting XSS issue due to improper neutralization of input during w...
CVE-2026-0671
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki - UploadWizard extension allows Cross-Site Scripting XSS.This issue affects MediaWiki - UploadWizard extension: 1.45, 1.44, 1.43, 1.39...
PT-2026-2259
Name of the Vulnerable Software and Affected Versions MediaWiki - Monaco Skin versions 1.39 through 1.45 Description An issue exists in MediaWiki - Monaco Skin related to improper neutralization of input during web page generation, which can lead to Cross-Site Scripting XSS. This allows for the...
CVE-2026-0670 Stored XSS through a system message and a user-provided parameter in ProofreadPage
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting XSS.This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39...