35 matches found
CVE-2025-61655
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js,...
CVE-2025-67478
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-67479
Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1; Cite: from before 1.39.14,...
CVE-2025-61653
Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from before 1.39.14, 1.43.4, 1.44.1...
UBUNTU-CVE-2025-67478
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
UBUNTU-CVE-2025-11173
Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...
UBUNTU-CVE-2025-61646
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-67478
Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...
EUVD-2025-206754
Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1; Cite: from before 1.39.14,...
CVE-2025-67479
Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1; Cite: from before 1.39.14,...
CVE-2025-61655
CVE-2025-61655 is a stored XSS vulnerability in Wikimedia Foundation VisualEditor. Public details identify vulnerable components as includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, and modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js, affecting Visual...
CVE-2025-61655
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js,...
CVE-2025-61656 XSS when pasting into VE
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-61653
Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-11173 Reauth for enabling 2FA can be bypassed by submitting a form
Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-11173
CVE-2025-11173 affects Wikimedia Foundation OATHAuth via the file src/Special/OATHManage.Php. The issue impacts OATHAuth versions before 1.39.14, 1.43.4, and 1.44.1. Debian advisories (DSA-6085-1) indicate fixes are available: oldstable (bookworm) upgrades to 1:1.39.17-1~deb12u1, stable (trixie) ...
CVE-2025-11173
Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-61643
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...
CVE-2025-61639
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...
CVE-2025-61636
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4,...