Filtered by vendor Mediawiki
Subscribe
Total
438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-67476 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 4.3 MEDIUM |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php. This issue affects MediaWiki: from * before 1.44.3, 1.45.1. | |||||
| CVE-2025-67475 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1. | |||||
| CVE-2025-61658 | 1 Mediawiki | 1 Checkuser | 2026-06-17 | N/A | 4.3 MEDIUM |
| Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from * before 1.43.4, 1.44.1. | |||||
| CVE-2025-61656 | 1 Mediawiki | 1 Visual Editor | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61655 | 1 Mediawiki | 1 Visual Editor | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61651 | 1 Mediawiki | 1 Checkuser | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUserElement.Js. This issue affects CheckUser: from * before 1.44.1. | |||||
| CVE-2025-61648 | 1 Mediawiki | 1 Checkuser | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/ShowIPButton.Vue, modules/ext.CheckUser.TempAccounts/SpecialBlock.Js. This issue affects CheckUser: from * before 1.44.1. | |||||
| CVE-2025-61646 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 5.4 MEDIUM |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChanges/EnhancedChangesList.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61645 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects MediaWiki: from * before 1.44.1. | |||||
| CVE-2025-61643 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 6.1 MEDIUM |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61642 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 6.1 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61641 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 6.1 MEDIUM |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQueryAllPages.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61640 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 4.8 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61639 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 4.8 MEDIUM |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61638 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Parsoid | 2026-06-17 | N/A | 4.8 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * before 0.16.6, 0.20.4, 0.21.1. | |||||
| CVE-2025-61637 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 4.8 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61636 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 4.8 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-61634 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | N/A | 3.1 LOW |
| Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. | |||||
| CVE-2025-53501 | 2 Mediawiki, Xtex | 2 Mediawiki, Scribunto | 2026-06-17 | N/A | 8.8 HIGH |
| Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. | |||||
| CVE-2025-53500 | 2 Malvineous, Mediawiki | 2 Masseditregex, Mediawiki | 2026-06-17 | N/A | 5.6 MEDIUM |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. | |||||