3 matches found
CVE-2019-19708
The CVE-2019-19708 issue affects the VisualEditor extension for MediaWiki up to version 1.34. The vulnerability arises from improper handling of pasted content, allowing cross-site scripting (XSS) through an element containing a data-ve-clipboard-key attribute. Affected component: VisualEditor in...
CVE-2025-61656
CVE-2025-61656 is a cross-site scripting (XSS) vulnerability in Wikimedia Foundation VisualEditor, caused by improper input neutralization in ve.Ce.ClipboardHandler.Js. Affected products/versions: VisualEditor before 1.39.14, 1.43.4, and 1.44.1. Impact is primarily client-side, enabling script ex...
CVE-2025-61655
CVE-2025-61655 is a stored XSS vulnerability in Wikimedia Foundation VisualEditor. Public details identify vulnerable components as includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, and modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js, affecting Visual...