UBUNTU-CVE-2025-61635

Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit:...

CVE-2025-61650

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from before...

CVE-2025-61650

CVE-2025-61650 is an XSS vulnerability in Wikimedia Foundation CheckUser. Affected component: CheckUserUserInfoCardService.Php (file path: src/Services/CheckUserUserInfoCardService.Php). The issue arises in web page generation due to improper input neutralization. Affected scope: CheckUser before...

EUVD-2025-206642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from before...

EUVD-2025-206645

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...

CVE-2025-61647 UserInfoCard: Don't allow access to information about users who are suppressed if you don't have suppressor rights

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...

CVE-2025-61647

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831d6afaccbb1054c93a57, 0584eb2ad564648aa3ce9c555dd044dda02b55f4...

Wikimedia DiscussionTools 安全漏洞

Wikimedia DiscussionTools is a discussion tool provided by the Wikimedia Foundation. Versions of Wikimedia DiscussionTools prior to 1.43.4 and 1.44.1 contained security vulnerabilities. These vulnerabilities stemmed from the discussiontoolspageinfo method in the Action API, which did not check...

Wikimedia VisualEditor 安全漏洞

Wikimedia VisualEditor is a visual editor developed by the Wikimedia Foundation. Versions of Wikimedia VisualEditor prior to 1.39.14, 1.43.4, and 1.44.1 contained security vulnerabilities due to improper input handling, which could lead to cross-site scripting attacks...

PT-2026-5740

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...

PT-2026-5736

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/ShowIPButton.Vue,...

Wikimedia MediaWiki 安全漏洞

Wikimedia MediaWiki is a web application developed by the Wikimedia Foundation for building Wiki websites. Versions of MediaWiki prior to 1.39.16, 1.43.6, 1.44.3, and 1.45.1 contained security vulnerabilities due to a flaw in the includes/Api/ApiQueryRevisionsBase.Php file...

Wikimedia CheckUser 安全漏洞

Wikimedia CheckUser is a advanced investigation tool of the Wikimedia Foundation designed to combat disruptive behavior. Previous versions of Wikimedia CheckUser had a security vulnerability due to improper input handling, which could lead to cross-site scripting attacks...

PT-2026-5739

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. This issue affects CheckUser: from...

PT-2026-5738

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Services/CheckUserUserInfoCardService.Php. This issue affects CheckUser: from before...

MediaWiki 安全漏洞

MediaWiki is a free and open-source web-based wiki engine developed by the Wikimedia Foundation in the United States. This product can be used to deploy internal knowledge management and content management systems. Versions of Wikimedia Foundation MediaWiki prior to 1.44.1 contained security...

Wikimedia VisualEditor 安全漏洞

Wikimedia VisualEditor is a visual editor developed by the Wikimedia Foundation. Versions of Wikimedia VisualEditor prior to 1.39.14, 1.43.4, and 1.44.1 contained security vulnerabilities due to improper input handling, which could lead to cross-site scripting attacks...

Wikimedia Scribunto 安全漏洞

Wikimedia Scribunto is a scripting development tool provided by the Wikimedia Foundation. There are security vulnerabilities in Wikimedia Scribunto and luasandbox, which stem from defects in the files includes/Engines/LuaCommon/lualib/mwInit.Lua and library.C. The following products and versions...

Wikimedia TextExtracts 安全漏洞

Wikimedia TextExtracts is an extension for extracting content from Wikipedia articles. Versions of Wikimedia TextExtracts prior to 1.39.14, 1.43.4, and 1.44.1 contained security vulnerabilities, which stemmed from a flaw where read permissions were not checked when returning the extracted content...

Wikimedia CheckUser 安全漏洞

Wikimedia CheckUser is a advanced investigation tool of the Wikimedia Foundation designed to combat disruptive behavior. Versions of Wikimedia CheckUser prior to 1.44.1 contained a security vulnerability caused by improper input handling, which could lead to cross-site scripting attacks...