42 matches found

Debian
added 2025/12/30 3:55 p.m., 3 views

[SECURITY] [DLA 4428-1] mediawiki security update

Debian LTS Advisory DLA-4428-1 [email protected]
https://www.debian.org/lts/security/ Guilhem Moulin
December 30, 2025 https://wiki.debian.org/LTS
Package : mediawiki
Version : 1:1.35.13-1+deb11u6
CVE ID : CVE-2025-67475 CVE-2025-67478 CVE-2025-67479 CVE-2025-67480 CVE-2025-67481...

CVSS 9.8, AI score 5.9, EPSS 0.0005
Exploits: 0
OSV
added 2025/10/20 3:31 p.m., 2 views

GHSA-G955-VW6W-V6PP Citizen vulnerable to stored XSS in sticky header button messages

Summary: The JS implementation for copying button labels to the sticky header in the Citizen skin unescapes HTML characters, allowing for stored XSS through system messages. Details: In the copyButtonAttributes function in stickyHeader.js, when copying the button labels, the innerHTML of the new...

CVSS 6.5, AI score 6, EPSS 0.00033
Exploits: 0, References: 5
EUVD
added 2025/10/20 3:31 p.m., 2 views

EUVD-2025-34930

Citizen vulnerable to stored XSS in sticky header button messages...

CVSS 6.5, AI score 5.7, EPSS 0.00033
Exploits: 0, References: 4
Github Security Blog
added 2025/10/20 3:31 p.m., 3 views

Citizen vulnerable to stored XSS in sticky header button messages

Summary: The JS implementation for copying button labels to the sticky header in the Citizen skin unescapes HTML characters, allowing for stored XSS through system messages. Details: In the copyButtonAttributes function in stickyHeader.js, when copying the button labels, the innerHTML of the new...

CVSS 6.5, AI score 6, EPSS 0.00033
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2025/10/17 8:29 p.m., 5 views

CVE-2025-62508 Citizen vulnerable to stored XSS in sticky header button messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Citizen versions 3.3.0 to 3.9.0 are vulnerable to stored cross-site scripting in the sticky header button message handling. In stickyHeader.js the copyButtonAttributes function assigns innerHTML from a source element’s...

CVSS 6.5, EPSS 0.00033
Exploits: 0, References: 3
CVE
added 2025/10/17 8:29 p.m., 3 views

CVE-2025-62508

CVE-2025-62508 affects the Citizen MediaWiki skin (versions 3.3.0–3.9.0). The issue is a stored XSS in the sticky header: in stickyHeader.js, copyButtonAttributes assigns innerHTML from the source element’s textContent, causing system messages (citizen-share, citizen-view-history, citizen-view-ed...

CVSS 6.5, AI score 6.2, EPSS 0.00033
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-32655

Malicious code in bioql PyPI...

CVSS 4.4, AI score 4.7, EPSS 0.00067
Exploits: 1, References: 6
Tenable Nessus
added 2025/08/24 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-28201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite...

CVSS 4.4, AI score 5.8, EPSS 0.00067
Exploits: 1, References: 2
RedhatCVE
added 2025/06/14 7:21 p.m., 4 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

CVSS 6.5, AI score 6.2, EPSS 0.00202
Exploits: 1, References: 1
RedhatCVE
added 2025/06/14 7:21 p.m., 2 views

CVE-2025-49575

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

CVSS 6.5, AI score 6.2, EPSS 0.00156
Exploits: 1, References: 1
OSV
added 2025/06/13 2:8 p.m., 3 views

GHSA-G3CP-PQ72-HJPV starcitizentools/citizen-skin allows stored XSS in menu heading message

Summary: All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details: The system messages for menu headings are inserted unescaped into raw HTML:...

CVSS 6.5, AI score 7, EPSS 0.00202
Exploits: 1, References: 5
Snyk
added 2025/06/13 2:8 p.m., 1 view

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Menu.mustache template. An attacker can execute arbitrary HTML or JavaScript code in the context of the user's browser by editing system messages for menu headings that are inserted as raw HTML. This is...

CVSS 8.5, AI score 5.5, EPSS 0.00202
Exploits: 1, References: 2
Github Security Blog
added 2025/06/13 2:8 p.m., 11 views

starcitizentools/citizen-skin allows stored XSS in menu heading message

Summary: All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. Details: The system messages for menu headings are inserted unescaped into raw HTML:...

CVSS 6.5, AI score 6.4, EPSS 0.00202
Exploits: 1, References: 5, Affected Software: 1
Snyk
added 2025/06/13 2:7 p.m., 1 view

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the citizen-search-noresults-title and citizen-search-noresults-desc system messages being inserted as raw HTML. An attacker can execute arbitrary HTML or JavaScript code in the context of users who view the...

CVSS 8.5, AI score 5.4, EPSS 0.00156
Exploits: 1, References: 2
NVD
added 2025/06/12 7:15 p.m., 6 views

CVE-2025-49579

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group h...

CVSS 6.5, EPSS 0.00202
Exploits: 1, References: 3
NVD
added 2025/06/12 7:15 p.m., 6 views

CVE-2025-49575

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

CVSS 6.5, EPSS 0.00156
Exploits: 1, References: 3
Cvelist
added 2025/06/12 6:50 p.m., 13 views

CVE-2025-49578 Citizen allows stored XSS in user registration date message

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by Language::userDate are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

CVSS 6.5, EPSS 0.00156
Exploits: 1, References: 3
OSV
added 2025/06/12 6:45 p.m., 2 views

CVE-2025-49575 Citizen allows stored XSS in Command Palette tip messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

CVSS 6.5, AI score 6.5, EPSS 0.00156
Exploits: 1, References: 5
Cvelist
added 2025/06/12 6:45 p.m., 12 views

CVE-2025-49575 Citizen allows stored XSS in Command Palette tip messages

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the...

CVSS 6.5, EPSS 0.00156
Exploits: 1, References: 3
CVE
added 2025/06/12 6:45 p.m., 40 views

CVE-2025-49575

The CVE-2025-49575 issue affects the Citizen skin for MediaWiki. The underlying problem is that multiple system messages are inserted into the CommandPaletteFooter as raw HTML, enabling stored HTML injection by users who can edit those messages. This could allow arbitrary HTML execution in the af...

CVSS 6.5, AI score 6.9, EPSS 0.00156
Exploits: 1, References: 3, Affected Software: 1