CVE-2025-61658

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...

CVE-2025-61657

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js. This issue affects Vector: from before 1.43.4, 1.44.1...

CVE-2025-67478

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2025-61657

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js. This issue affects Vector: from before 1.43.4, 1.44.1...

CVE-2025-61652

Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from before 1.43.4, 1.44.1...

CVE-2025-61654

Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php. This issue affects Thanks: from before 1.43.4, 1.44.1...

CVE-2025-61655

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js,...

CVE-2025-61646

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

UBUNTU-CVE-2025-61645

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects MediaWiki: from before 1.44.1...

EUVD-2025-206755

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2025-61655

CVE-2025-61655 is a stored XSS vulnerability in Wikimedia Foundation VisualEditor. Public details identify vulnerable components as includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, and modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js, affecting Visual...

CVE-2025-61656

CVE-2025-61656 is a cross-site scripting (XSS) vulnerability in Wikimedia Foundation VisualEditor, caused by improper input neutralization in ve.Ce.ClipboardHandler.Js. Affected products/versions: VisualEditor before 1.39.14, 1.43.4, and 1.44.1. Impact is primarily client-side, enabling script ex...

CVE-2025-61656 XSS when pasting into VE

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2025-61657

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/stickyHeader.Js. This issue affects Vector: from before 1.43.4, 1.44.1...

EUVD-2025-206654

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from before 1.43.4, 1.44.1...

CVE-2025-61651

CVE-2025-61651 is an XSS vulnerability in Wikimedia Foundation CheckUser, caused by improper neutralization of input during web page generation in the file modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. The issue affects CheckUser from variants before version 1.44.1. Public ...

EUVD-2025-206638

Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects...

CVE-2025-61636

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4,...

CVE-2025-61634

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...