4 matches found
CVE-2026-30917
Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to 2.1.1, a stored XSS can be inserted into any Bucket table field that has a PAGE type, which will execute whenever a user views that table's corresponding Bucket namespace page. This vulnerability is fixed ...
CVE-2025-61766
Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to version 1.0.0, infinite recursion can occur if a user queries a bucket using the != comparator. This will result in PHP's call stack limit exceeding, and/or increased memory consumption, potentially leadin...
CVE-2025-61766 Bucket vulnerable to infinite recursion when querying a bucket using the != operator
Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to version 1.0.0, infinite recursion can occur if a user queries a bucket using the != comparator. This will result in PHP's call stack limit exceeding, and/or increased memory consumption, potentially leadin...
CVE-2025-61766
CVE-2025-61766 affects the MediaWiki extension Bucket prior to 1.0.0, where querying a bucket with the != comparator can cause infinite recursion, exceeding PHP call stack or memory and potentially enabling a denial of service. The issue is mitigated by upgrading to version 1.0.0 or later (patch ...