Lucene search
K

11 matches found

NVD
NVD
added 2026/02/03 2:16 a.m.6 views

CVE-2025-67481

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from before 1.39.1...

6.1CVSS0.00221EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 2:16 a.m.4 views

UBUNTU-CVE-2025-67484

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

9.8CVSS5.8AI score0.00395EPSS
Exploits0References3
OSV
OSV
added 2026/02/03 2:16 a.m.4 views

UBUNTU-CVE-2025-67480

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 1:30 a.m.27 views

CVE-2025-67481 mw.message(…).parse() doesn't output safe HTML, but it's being used as if it does

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from before 1.39.1...

0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 1:30 a.m.5 views

CVE-2025-67481 mw.message(…).parse() doesn't output safe HTML, but it's being used as if it does

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from before 1.39.1...

5.3AI score0.00221EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 1:28 a.m.5 views

CVE-2025-67482

Vulnerability in Wikimedia Foundation Scribunto, Wikimedia Foundation luasandbox. This vulnerability is associated with program files includes/Engines/LuaCommon/lualib/mwInit.Lua, library.C. This issue affects Scribunto: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1; luasandbox: from before...

6.3CVSS5.2AI score0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 1:24 a.m.27 views

CVE-2025-67484 Action API xslt option allows JavaScript execution by administrators who are not interface administrators

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

0.00395EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 1:24 a.m.5 views

CVE-2025-67484

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

5.2AI score0.00395EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/03 1:23 a.m.4 views

EUVD-2025-206649

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6, 1.44.3, 1.45.1...

5.3AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 1:21 a.m.36 views

CVE-2025-67475 Stored XSS through edit summaries in MW Core

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6,...

0.00211EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 1:21 a.m.6 views

CVE-2025-67475 Stored XSS through edit summaries in MW Core

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6,...

5.3AI score0.00211EPSS
Exploits0References1
Rows per page
Query Builder