UBUNTU-CVE-2025-67475

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from before 1.39.16, 1.43.6,...

CVE-2025-67476 Importing leaks IP address of importer via EventStreams

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php. This issue affects MediaWiki: from before 1.44.3, 1.45.1...

Insertion of Sensitive Information Into Sent Data

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data...

Wikimedia MediaWiki 安全漏洞

Wikimedia MediaWiki is a web application developed by the Wikimedia Foundation for building Wiki websites. Versions of MediaWiki prior to 1.43.6, 1.44.3, and 1.45.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of inputs in the...