9 matches found
EUVD-2026-19976
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS.This issue affects non release branches...
CVE-2026-39937
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1....
CVE-2026-39933 Multiple XSS vulnerabilities in GlobalWatchlist
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki version...
CVE-2026-39933
The CVE-2026-39933 entry concerns The Wikimedia Foundation MediaWiki GlobalWatchlist Extension and an input handling issue that leads to Cross-Site Scripting (XSS) during web page generation. The connected sources confirm the vulnerability affects the GlobalWatchlist extension and state remediati...
CVE-2026-39937 Global vanishing does not completely remove user email
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1....
CVE-2026-39937 Global vanishing does not completely remove user email
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1....
CVE-2026-39937
CVE-2026-39937 concerns the Wikimedia Foundation’s MediaWiki CentralAuth Extension. The issue is an improper removal of sensitive information before storage or transfer, resulting in a Resource Leak Exposure. According to the connected documents, the vulnerability has been remediated on the maste...
PT-2026-31042
Name of the Vulnerable Software and Affected Versions The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension affected versions not specified Description A cross-site scripting XSS issue exists in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension. This allows for XSS attacks...
PT-2026-31033
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure.This issue affects non release branches...