8 matches found
UBUNTU-CVE-2025-67477
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from before...
Cross-site Scripting (XSS)
Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Special:ApiSandbo...
CVE-2025-67477 Stored XSS through a system message in Special:ApiSandbox
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from before...
Cross-site Scripting (XSS)
Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper input...
CVE-2025-6594
CVE-2025-6594 is an XSS in MediaWiki’s ApiSandbox.js (Special:ApiSandbox). The issue arises from improper neutralization of input during web page generation. Affected MediaWiki versions include 1.27.0 up to but not including 1.39.13, 1.42.7–1.43.2, and 1.44.0. Red Hat notes the flaw and its limit...
CVE-2019-1733
A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...
CVE-2019-1733 Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability
A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...
CVE-2019-1733 Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability
A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...