4 matches found
EUVD-2025-12404
Malicious code in bioql PyPI...
CVE-2025-43861
ManageWiki (a MediaWiki extension) is affected by a self‑XSS vulnerability in the review changes dialog. Before commit 2f177dc, an authenticated user can alter a form field to inject a payload, which is then executed when the user opens the Review Changes dialog. The issue has been patched in com...
CVE-2025-43861 ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes"...
PT-2025-17856 · Mediawiki · Managewiki
Name of the Vulnerable Software and Affected Versions: ManageWiki versions prior to commit 2f177dc Description: The issue concerns a reflected or stored XSS vulnerability in the review dialog of ManageWiki, a MediaWiki extension. An attacker with a logged-in session can exploit this by modifying ...