20 matches found
CVE-2026-22710
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-22710
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39...
Mediawiki - Wikibase Extension 安全漏洞
Mediawiki - Wikibase Extension is an open source database extension for Mediawiki. A security vulnerability exists in Mediawiki - Wikibase Extension versions 1.45, 1.44, 1.43, and 1.39, which stems from improper input neutralization and could lead to a cross-site scripting attack...
CVE-2026-22710 Stored XSS through autocomment system messages in Wikibase
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-22710 Stored XSS through autocomment system messages in Wikibase
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - Wikibase Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Wikibase Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-22710
The CVE-2026-22710 issue affects Mediawiki - Wikibase Extension versions 1.39 through 1.45. It stems from improper neutralization of input during web page generation, enabling Cross-Site Scripting (XSS) through autocomment system messages. Impact is XSS with potential script injection, as describ...
PT-2026-2256
Name of the Vulnerable Software and Affected Versions Mediawiki - Wikibase Extension versions 1.39 through 1.45 Description The Mediawiki - Wikibase Extension is susceptible to a Cross-Site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the...
EUVD-2023-49663
Malicious code in bioql PyPI...
CVE-2023-45371
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items...
CVE-2023-45372
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running e.g., AbuseFilter...
CVE-2023-45372
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running e.g., AbuseFilter...
CVE-2023-45371
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items...
CVE-2023-45372
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running e.g., AbuseFilter...
MediaWiki Security Breach
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki that stems from a Wikibase extension that does not r...
CVE-2023-45372
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running e.g., AbuseFilter...
CVE-2023-45371
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items...
CVE-2023-45372
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running e.g., AbuseFilter...
PT-2023-8948 · Mediawiki +2 · Wikibase +2
Name of the Vulnerable Software and Affected Versions: Wikibase extension for MediaWiki versions 1.35.x through 1.35.11 Wikibase extension for MediaWiki versions 1.36.x through 1.39.4 Wikibase extension for MediaWiki versions 1.40.x through 1.40.0 Description: An issue was discovered in the...
PT-2022-22316 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.38.1 Description: An issue in MediaWiki allows the creation of larger lexemes than the capped length of a thousand characters, as this length is not validated. This introduces denial-of-service attack vectors with...
CVE-2013-4307
CVE-2013-4307 affects the Wikibase extension for MediaWiki, with multiple XSS vulnerabilities in repo/includes/EntityView.php. The issues arise in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2, allowing remote attackers to inject arbitrary script or HTML via a lab...