341 matches found
CVE-2025-61652 Action API discussiontoolspageinfo does not check for authorizeRead for the page
Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from before 1.43.4, 1.44.1...
EUVD-2025-206638
Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-11173
Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...
EUVD-2025-206641
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from 7cedd58781d261f110651b6af4f41d2d11ae7309...
CVE-2025-61647
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...
CVE-2025-61637
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js...
EUVD-2025-206642
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from before...
CVE-2025-61650
CVE-2025-61650 is an XSS vulnerability in Wikimedia Foundation CheckUser. Affected component: CheckUserUserInfoCardService.Php (file path: src/Services/CheckUserUserInfoCardService.Php). The issue arises in web page generation due to improper input neutralization. Affected scope: CheckUser before...
EUVD-2025-206645
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...
CVE-2025-61647
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...
CVE-2025-61647 UserInfoCard: Don't allow access to information about users who are suppressed if you don't have suppressor rights
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...
MediaWiki 安全漏洞
MediaWiki is a free and open-source web-based wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of Wikimedia Foundation MediaWiki prior to 1.44.1 contained security...
PT-2026-5733
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...
PT-2026-5740
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...
CVE-2025-61635
Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit:...
UBUNTU-CVE-2025-6589
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php. This issue affects MediaWiki: = 1.42.0...
UBUNTU-CVE-2025-6595
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...
CVE-2025-6592 Creating a permanent account from a temporary account associates temp username and IP address with real username in AbuseLog
Vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects AbuseFilter: from fe0b1cb9e9691faf4d8d9bd80646589f6ec37615 before 1.43.2, 1.44.0...
CVE-2025-6595
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...
CVE-2026-22714
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - Monaco Skin allows Cross-Site Scripting XSS.This issue affects Mediawiki - Monaco Skin: 1.45, 1.44, 1.43, 1.39...