Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/07/03 7:7 a.m.8 views

CVE-2026-58038

A flaw was found in the Wikimedia Foundation Timeline component. This cross-site scripting XSS vulnerability allows a remote attacker to inject malicious scripts into web pages. Successful exploitation could lead to significant impacts such as information disclosure, session hijacking, or...

6.1CVSS5.7AI score0.00143EPSS
Exploits0References4
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2026-8857

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

8.8CVSS0.00333EPSS
Exploits1References1
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-58038

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...

6.1CVSS0.00143EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:8 p.m.6 views

CVE-2026-8857

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

5.8AI score0.00333EPSS
Exploits1References2
CVE
CVE
added 2026/07/01 3:8 p.m.14 views

CVE-2026-8857

The CVE-2026-8857 entry concerns a vulnerability in the Wikimedia Foundation timeline, affecting the Timeline extension components: program files scripts/EasyTimeline.Pl and includes/Timeline.Php. Affected versions are before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. The available sources do not specif...

8.8CVSS5.8AI score0.00333EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/07/01 3:8 p.m.31 views

CVE-2026-8857 Full RCE using EasyTimeline Extension

A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php. This issue affects timeline: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9...

0.00333EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:4 p.m.6 views

CVE-2026-58038

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...

5.8AI score0.00143EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 3:4 p.m.15 views

CVE-2026-58038

The CVE-2026-58038 issue affects the Wikimedia Foundation Timeline component and is caused by improper neutralization of input during web page generation, enabling cross-site scripting via Timeline.Php and scripts/EasyTimeline.Pl. Reported impacts include information disclosure, session hijacking...

6.1CVSS5.8AI score0.00143EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/01 3:4 p.m.38 views

CVE-2026-58038 Stored XSS through javascript URLs in SVGs generated by EasyTimeline

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl. This issue affects timeline: from before 1.46.0, 1.45.4,...

0.00143EPSS
Exploits0References1
Rows per page
Query Builder