14 matches found
CVE-2026-22712
Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-22712
Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-22712
The CVE-2026-22712 issue affects the MediaWiki extension ApprovedRevs. A flaw in ParserAfterTidy causes improper encoding/escaping of output due to magic word replacement, enabling input data manipulation. Affected versions are 1.39 through 1.45. The reported impact is limited to data handling vi...
CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer
Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...
CVE-2026-22712 ApprovedRevs allows bypassing the inline CSS sanitizer
Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39...
PT-2026-2257
Name of the Vulnerable Software and Affected Versions Mediawiki - ApprovedRevs Extension versions 1.39 through 1.45 Description The Mediawiki - ApprovedRevs Extension contains a flaw related to improper encoding or escaping of output due to magic word replacement in ParserAfterTidy. This can lead...
Mediawiki - ApprovedRevs Extension 安全漏洞
Mediawiki - ApprovedRevs Extension is an open source content quality control plugin for Mediawiki. A security vulnerability exists in Mediawiki - ApprovedRevs Extension versions 1.45, 1.44, 1.43, and 1.39, which stems from improper output encoding or escaping, and could lead to input data...
EUVD-2025-20236
Malicious code in bioql PyPI...
CVE-2025-53487
The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message ke...
CVE-2025-53487
The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message ke...
CVE-2025-53487 ApprovedRevs: Stored Cross-Site Scripting (XSS) via unsanitized system messages
The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message ke...
CVE-2025-53487 ApprovedRevs: Stored Cross-Site Scripting (XSS) via unsanitized system messages
The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message ke...
PT-2025-28178 · Unknown +1 · Approvedrevs Extension +1
Name of the Vulnerable Software and Affected Versions: ApprovedRevs extension for MediaWiki versions 1.39.X through 1.39.12 ApprovedRevs extension for MediaWiki versions 1.42.X through 1.42.6 ApprovedRevs extension for MediaWiki versions 1.43.X through 1.43.1 Description: The issue is related to...
Wikimedia Mediawiki - ApprovedRevs Extension 安全漏洞
Wikimedia Mediawiki - ApprovedRevs Extension is a page versioning extension from the Wikimedia Foundation. A security vulnerability exists in Wikimedia Mediawiki - ApprovedRevs Extension versions prior to 1.39.13, prior to 1.42.7, and prior to 1.43.2, which stems from a system message that is not...