16 matches found
CVE-2026-39933
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...
CVE-2026-39933
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...
CVE-2026-39933 Multiple XSS vulnerabilities in GlobalWatchlist
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...
CVE-2026-39933 Multiple XSS vulnerabilities in GlobalWatchlist
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...
PT-2026-31042
Name of the Vulnerable Software and Affected Versions The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension affected versions not specified Description A cross-site scripting XSS issue exists in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension. This allows for XSS attacks...
MediaWiki GlobalWatchlist Extension 安全漏洞
The MediaWiki GlobalWatchlist Extension is an open-source global monitoring extension for MediaWiki. The MediaWiki GlobalWatchlist Extension has a security vulnerability, which stems from improper input during page generation, potentially leading to cross-site scripting attacks...
EUVD-2021-29034
Malicious code in bioql PyPI...
CVE-2021-42046
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...
BIT-MEDIAWIKI-2021-42046
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...
CVE-2021-42046
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...
CVE-2021-42046
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...
Hardcoded credentials
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...
MediaWiki GlobalWatchlist 跨站脚本漏洞
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki GlobalWatchlist, which stems from a lack...
CVE-2021-42046
CVE-2021-42046: A flaw in the MediaWiki GlobalWatchlist extension up to 1.36.2 allows HTML/JavaScript injection via rev-deleted-user and ntimes messages due to improper escaping. Connected advisories confirm affected MediaWiki versions and indicate the issue arises from insufficient escaping rath...
CVE-2021-42046
An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and JavaScript...
PT-2021-23485 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.36.3 Description: An issue was discovered in the GlobalWatchlist extension where the rev-deleted-user and ntimes messages were not properly escaped, allowing users to inject HTML and JavaScript. Recommendations:...