Lucene search
K

8 matches found

OSV
OSV
added 2026/02/03 2:16 a.m.1 views

UBUNTU-CVE-2025-67477

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from before...

6.1CVSS5.8AI score0.00234EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/03 1:16 a.m.3 views

Cross-site Scripting (XSS)

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Special:ApiSandbo...

6.1CVSS5.5AI score0.00234EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 1:16 a.m.25 views

CVE-2025-67477 Stored XSS through a system message in Special:ApiSandbox

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from before...

0.00234EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/02 11:49 p.m.3 views

Cross-site Scripting (XSS)

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper input...

6.1CVSS5.6AI score0.0027EPSS
Exploits0References2
CVE
CVE
added 2026/02/02 11:0 p.m.18 views

CVE-2025-6594

CVE-2025-6594 is an XSS in MediaWiki’s ApiSandbox.js (Special:ApiSandbox). The issue arises from improper neutralization of input during web page generation. Affected MediaWiki versions include 1.27.0 up to but not including 1.39.13, 1.42.7–1.43.2, and 1.44.0. Red Hat notes the flaw and its limit...

4.7CVSS5.2AI score0.0027EPSS
Exploits0References1
OSV
OSV
added 2019/05/15 5:29 p.m.2 views

CVE-2019-1733

A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...

5.4CVSS6.2AI score0.00894EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/15 4:50 p.m.20 views

CVE-2019-1733 Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability

A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...

5.4CVSS5.2AI score0.00894EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2019/05/15 4:50 p.m.11 views

CVE-2019-1733 Cisco NX-OS Software NX-API Sandbox Cross-Site Scripting Vulnerability

A vulnerability in the NX API NX-API Sandbox interface for Cisco NX-OS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the NX-API Sandbox interface of an affected device. The vulnerability is due to insufficient validation of...

5.4CVSS6AI score0.00894EPSS
Exploits0References2
Rows per page
Query Builder