Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2025-1525
Vulnerability from csaf_certbund - Published: 2025-07-09 22:00 - Updated: 2025-07-23 22:00Summary
MediaWiki Extensions und Skins: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
MediaWiki ist ein freies Wiki, das ursprünglich für den Einsatz auf Wikipedia entwickelt wurde.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MediaWiki ausnutzen, um SQL-Injection- und XSS-Angriffe durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Informationen offenzulegen oder sich unbefugt höhere Berechtigungen zu verschaffen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MediaWiki ist ein freies Wiki, das urspr\u00fcnglich f\u00fcr den Einsatz auf Wikipedia entwickelt wurde.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MediaWiki ausnutzen, um SQL-Injection- und XSS-Angriffe durchzuf\u00fchren, Sicherheitsmechanismen zu umgehen, vertrauliche Informationen offenzulegen oder sich unbefugt h\u00f6here Berechtigungen zu verschaffen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1525 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1525.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1525 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1525"
},
{
"category": "external",
"summary": "MediaWiki Extensions and Skins Security Release Supplement vom 2025-07-09",
"url": "https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/B757OC4UOPKOO4EYXNPUKQY2BS4CQE2E/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4249 vom 2025-07-23",
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00012.html"
}
],
"source_lang": "en-US",
"title": "MediaWiki Extensions und Skins: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-23T22:00:00.000+00:00",
"generator": {
"date": "2025-07-24T07:52:25.673+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1525",
"initial_release_date": "2025-07-09T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-23T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.39.13",
"product": {
"name": "Open Source MediaWiki \u003c1.39.13",
"product_id": "T044971"
}
},
{
"category": "product_version",
"name": "1.39.13",
"product": {
"name": "Open Source MediaWiki 1.39.13",
"product_id": "T044971-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mediawiki:mediawiki:1.39.13"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.42.7",
"product": {
"name": "Open Source MediaWiki \u003c1.42.7",
"product_id": "T044972"
}
},
{
"category": "product_version",
"name": "1.42.7",
"product": {
"name": "Open Source MediaWiki 1.42.7",
"product_id": "T044972-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mediawiki:mediawiki:1.42.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.43.2",
"product": {
"name": "Open Source MediaWiki \u003c1.43.2",
"product_id": "T044973"
}
},
{
"category": "product_version",
"name": "1.43.2",
"product": {
"name": "Open Source MediaWiki 1.43.2",
"product_id": "T044973-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:mediawiki:mediawiki:1.43.2"
}
}
}
],
"category": "product_name",
"name": "MediaWiki"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-32956",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-32956"
},
{
"cve": "CVE-2025-32964",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-32964"
},
{
"cve": "CVE-2025-43861",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-43861"
},
{
"cve": "CVE-2025-49575",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-49575"
},
{
"cve": "CVE-2025-49576",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-49576"
},
{
"cve": "CVE-2025-49577",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-49577"
},
{
"cve": "CVE-2025-49578",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-49578"
},
{
"cve": "CVE-2025-49579",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-49579"
},
{
"cve": "CVE-2025-53093",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53093"
},
{
"cve": "CVE-2025-53368",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53368"
},
{
"cve": "CVE-2025-53369",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53369"
},
{
"cve": "CVE-2025-53370",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53370"
},
{
"cve": "CVE-2025-53478",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53478"
},
{
"cve": "CVE-2025-53479",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53479"
},
{
"cve": "CVE-2025-53480",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53480"
},
{
"cve": "CVE-2025-53481",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53481"
},
{
"cve": "CVE-2025-53482",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53482"
},
{
"cve": "CVE-2025-53483",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53483"
},
{
"cve": "CVE-2025-53484",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53484"
},
{
"cve": "CVE-2025-53485",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53485"
},
{
"cve": "CVE-2025-53486",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53486"
},
{
"cve": "CVE-2025-53487",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53487"
},
{
"cve": "CVE-2025-53488",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53488"
},
{
"cve": "CVE-2025-53489",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53489"
},
{
"cve": "CVE-2025-53490",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53490"
},
{
"cve": "CVE-2025-53491",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53491"
},
{
"cve": "CVE-2025-53492",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53492"
},
{
"cve": "CVE-2025-53493",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53493"
},
{
"cve": "CVE-2025-53494",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53494"
},
{
"cve": "CVE-2025-53495",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53495"
},
{
"cve": "CVE-2025-53496",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53496"
},
{
"cve": "CVE-2025-53497",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53497"
},
{
"cve": "CVE-2025-53498",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53498"
},
{
"cve": "CVE-2025-53499",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53499"
},
{
"cve": "CVE-2025-53500",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53500"
},
{
"cve": "CVE-2025-53501",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53501"
},
{
"cve": "CVE-2025-53502",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-53502"
},
{
"cve": "CVE-2025-6926",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-6926"
},
{
"cve": "CVE-2025-7056",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-7056"
},
{
"cve": "CVE-2025-7057",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-7057"
},
{
"cve": "CVE-2025-7362",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-7362"
},
{
"cve": "CVE-2025-7363",
"product_status": {
"known_affected": [
"T044973",
"T044972",
"2951",
"T044971"
]
},
"release_date": "2025-07-09T22:00:00.000+00:00",
"title": "CVE-2025-7363"
}
]
}
CVE-2025-53494 (GCVE-0-2025-53494)
Vulnerability from cvelistv5 – Published: 2025-07-02 14:24 – Updated: 2025-07-10 23:31
VLAI?
EPSS
Title
Stored XSS in TwoColConflict
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - TwoColConflict Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T14:52:26.114213Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T14:54:06.741Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - TwoColConflict Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:31:13.659Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394938"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/TwoColConflict/+/1150011"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in TwoColConflict",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53494",
"datePublished": "2025-07-02T14:24:54.021Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:31:13.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53485 (GCVE-0-2025-53485)
Vulnerability from cvelistv5 – Published: 2025-07-04 17:39 – Updated: 2025-07-08 17:38
VLAI?
EPSS
Title
SecurePoll: Unauthorized access to SetTranslationHandler allows arbitrary text changes
Summary
SetTranslationHandler.php does not validate that the user is an election admin, allowing any (even unauthenticated) user to change election-related translation text. While partially broken in newer MediaWiki versions, the check is still missing.
This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
7.5 (High)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - SecurePoll extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:44:55.869471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:38:04.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - SecurePoll extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSetTranslationHandler.php does not validate that the user is an election admin, allowing any (even unauthenticated) user to change election-related translation text. While partially broken in newer MediaWiki versions, the check is still missing.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "SetTranslationHandler.php does not validate that the user is an election admin, allowing any (even unauthenticated) user to change election-related translation text. While partially broken in newer MediaWiki versions, the check is still missing.\n\n\n\n\nThis issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-04T17:44:31.423Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T392341"
},
{
"url": "https://gerrit.wikimedia.org/r/149668"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SecurePoll: Unauthorized access to SetTranslationHandler allows arbitrary text changes",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53485",
"datePublished": "2025-07-04T17:39:36.272Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-08T17:38:04.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7363 (GCVE-0-2025-7363)
Vulnerability from cvelistv5 – Published: 2025-07-08 17:27 – Updated: 2025-07-10 14:07
VLAI?
EPSS
Title
TitleIcon: Stored Cross-Site Scripting (XSS) via #titleicon_unicode parser function
Summary
The TitleIcon extension for MediaWiki is vulnerable to stored XSS through the #titleicon_unicode parser function. User input passed to this function is wrapped in an HtmlArmor object without sanitization and rendered directly into the page header, allowing attackers to inject arbitrary JavaScript.
This issue affects Mediawiki - TitleIcon extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - TitleIcon extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-7363",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T14:06:52.777733Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T14:07:16.818Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://phabricator.wikimedia.org/T394721"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - TitleIcon extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe TitleIcon extension for MediaWiki is vulnerable to stored XSS through the #titleicon_unicode parser function. User input passed to this function is wrapped in an HtmlArmor object without sanitization and rendered directly into the page header, allowing attackers to inject arbitrary JavaScript.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - TitleIcon extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The TitleIcon extension for MediaWiki is vulnerable to stored XSS through the #titleicon_unicode parser function. User input passed to this function is wrapped in an HtmlArmor object without sanitization and rendered directly into the page header, allowing attackers to inject arbitrary JavaScript.\n\n\n\n\nThis issue affects Mediawiki - TitleIcon extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:27:17.643Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394721"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I107ab638fecbf52b5bec3f02726ed24b1ae74429"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I2e8c73445172679634f6ec64d37cf82507dfa110"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "TitleIcon: Stored Cross-Site Scripting (XSS) via #titleicon_unicode parser function",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-7363",
"datePublished": "2025-07-08T17:27:17.643Z",
"dateReserved": "2025-07-08T17:18:06.701Z",
"dateUpdated": "2025-07-10T14:07:16.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53498 (GCVE-0-2025-53498)
Vulnerability from cvelistv5 – Published: 2025-07-07 18:35 – Updated: 2025-07-08 20:07
VLAI?
EPSS
Title
Lack of Audit Logging in AbuseFilter
Summary
Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.
Severity ?
5.3 (Medium)
CWE
- CWE-778 - Insufficient Logging
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - AbuseFilter Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
Dreamy Jazz
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53498",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T15:31:35.755560Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:35:51.996Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://phabricator.wikimedia.org/T397221"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - AbuseFilter Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dreamy Jazz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.\u003cp\u003eThis issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Data Leakage Attacks"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-778",
"description": "CWE-778: Insufficient Logging",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T20:07:39.308Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T397221"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166844"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Lack of Audit Logging in AbuseFilter",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53498",
"datePublished": "2025-07-07T18:35:48.826Z",
"dateReserved": "2025-06-30T15:36:41.720Z",
"dateUpdated": "2025-07-08T20:07:39.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53493 (GCVE-0-2025-53493)
Vulnerability from cvelistv5 – Published: 2025-07-02 14:38 – Updated: 2025-07-10 23:31
VLAI?
EPSS
Title
Stored XSS in MintyDocs
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - MintyDocs Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T14:59:22.216344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:00:28.634Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - MintyDocs Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:31:41.432Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T395376"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MintyDocs/+/1151800"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in MintyDocs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53493",
"datePublished": "2025-07-02T14:38:07.470Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:31:41.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7057 (GCVE-0-2025-7057)
Vulnerability from cvelistv5 – Published: 2025-07-07 15:12 – Updated: 2025-07-10 23:22
VLAI?
EPSS
Title
Stored XSS in Quiz
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - Quiz Extension allows Stored XSS.This issue affects Mediawiki - Quiz Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - Quiz Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-7057",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:13:49.750282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:14:27.997Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - Quiz Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - Quiz Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - Quiz Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - Quiz Extension allows Stored XSS.This issue affects Mediawiki - Quiz Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:22:18.817Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394612"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Quiz/+/1166274"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in Quiz",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-7057",
"datePublished": "2025-07-07T15:12:13.202Z",
"dateReserved": "2025-07-03T22:11:35.744Z",
"dateUpdated": "2025-07-10T23:22:18.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49579 (GCVE-0-2025-49579)
Vulnerability from cvelistv5 – Published: 2025-06-12 18:50 – Updated: 2025-06-12 19:16
VLAI?
EPSS
Title
Citizen allows stored XSS in menu heading message
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= 54c8717d45ce1594918f11cb9ce5d0ccd8dfee65, < 93c36ac778397e0e7c46cf7adb1e5d848265f1bd
Affected: >= 2.4.2, < 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49579",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T19:16:32.802742Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:16:43.720Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 54c8717d45ce1594918f11cb9ce5d0ccd8dfee65, \u003c 93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"status": "affected",
"version": "\u003e= 2.4.2, \u003c 3.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. All system messages in menu headings using the Menu.mustache template are inserted as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T18:50:44.360Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-g3cp-pq72-hjpv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-g3cp-pq72-hjpv"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/54c8717d45ce1594918f11cb9ce5d0ccd8dfee65",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/54c8717d45ce1594918f11cb9ce5d0ccd8dfee65"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
}
],
"source": {
"advisory": "GHSA-g3cp-pq72-hjpv",
"discovery": "UNKNOWN"
},
"title": "Citizen allows stored XSS in menu heading message"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49579",
"datePublished": "2025-06-12T18:50:44.360Z",
"dateReserved": "2025-06-06T15:44:21.555Z",
"dateUpdated": "2025-06-12T19:16:43.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53500 (GCVE-0-2025-53500)
Vulnerability from cvelistv5 – Published: 2025-07-03 16:17 – Updated: 2025-07-10 23:29
VLAI?
EPSS
Title
Stored XSS in MassEditRegex
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.6 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - MassEditRegex Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T17:44:48.615901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T17:45:24.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - MassEditRegex Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MassEditRegex Extension allows Stored XSS.This issue affects Mediawiki - MassEditRegex Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:29:42.412Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T397334"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MassEditRegex/+/1163878/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in MassEditRegex",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53500",
"datePublished": "2025-07-03T16:17:38.293Z",
"dateReserved": "2025-06-30T15:36:41.721Z",
"dateUpdated": "2025-07-10T23:29:42.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53093 (GCVE-0-2025-53093)
Vulnerability from cvelistv5 – Published: 2025-06-27 17:43 – Updated: 2025-06-27 17:56
VLAI?
EPSS
Title
TabberNeue vulnerable to Stored XSS through wikitext
Summary
TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `<tabber>` tag. Version 3.1.1 contains a patch for the bug.
Severity ?
8.6 (High)
CWE
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-extensions-TabberNeue |
Affected:
>= 3.0.0, < 3.1.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53093",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-27T17:52:29.743640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T17:56:37.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-extensions-TabberNeue",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.0.0, \u003c 3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Starting in version 3.0.0 and prior to version 3.1.1, any user can insert arbitrary HTMLinto the DOM by inserting a payload into any allowed attribute of the `\u003ctabber\u003e` tag. Version 3.1.1 contains a patch for the bug."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T17:43:24.107Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/security/advisories/GHSA-jfj7-249r-7j2m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/security/advisories/GHSA-jfj7-249r-7j2m"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/4cdf217ef96da74a1503d1dd0bb0ed898fc2a612",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/4cdf217ef96da74a1503d1dd0bb0ed898fc2a612"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/62ce0fcdf32bd3cfa77f92ff6b940459a14315fa",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/commit/62ce0fcdf32bd3cfa77f92ff6b940459a14315fa"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Components/TabberComponentTabs.php#L15-L31",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Components/TabberComponentTabs.php#L15-L31"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Tabber.php#L76",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/Tabber.php#L76"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/templates/Tabs.mustache#L1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-TabberNeue/blob/3a23b703ce36cfc4128e7921841f68230be4059a/includes/templates/Tabs.mustache#L1"
}
],
"source": {
"advisory": "GHSA-jfj7-249r-7j2m",
"discovery": "UNKNOWN"
},
"title": "TabberNeue vulnerable to Stored XSS through wikitext"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53093",
"datePublished": "2025-06-27T17:43:24.107Z",
"dateReserved": "2025-06-25T13:41:23.085Z",
"dateUpdated": "2025-06-27T17:56:37.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53479 (GCVE-0-2025-53479)
Vulnerability from cvelistv5 – Published: 2025-07-08 17:16 – Updated: 2025-07-10 13:18
VLAI?
EPSS
Title
CheckUser: Reflected Cross-Site Scripting (XSS) in Special:CheckUser via unsanitized internationalized message
Summary
The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism.
This issue affects Mediawiki - CheckUser extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - CheckUser extension |
Affected:
1.42.x , < 1.42.7
(semver)
Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53479",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T13:18:02.588187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T13:18:39.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://phabricator.wikimedia.org/T394693"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - CheckUser extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe CheckUser extension\u2019s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - CheckUser extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The CheckUser extension\u2019s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject JavaScript through the uselang=x-xss language override mechanism.\n\n\n\n\nThis issue affects Mediawiki - CheckUser extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-09T10:38:20.867Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394693"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I159e14543912cb3bc7f4a00c3090c0285b154786"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CheckUser: Reflected Cross-Site Scripting (XSS) in Special:CheckUser via unsanitized internationalized message",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53479",
"datePublished": "2025-07-08T17:16:36.081Z",
"dateReserved": "2025-06-30T15:20:44.461Z",
"dateUpdated": "2025-07-10T13:18:39.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53499 (GCVE-0-2025-53499)
Vulnerability from cvelistv5 – Published: 2025-07-07 18:33 – Updated: 2025-07-08 20:07
VLAI?
EPSS
Title
Unauthorized Inspection of Protected Variables in AbuseFilter
Summary
Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.
Severity ?
9.1 (Critical)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - AbuseFilter Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
Dreamy_Jazz
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53499",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:33:16.700006Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:35:57.914Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Mediawiki - AbuseFilter Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dreamy_Jazz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.\u003cp\u003eThis issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Unauthorized Access"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T20:07:07.442Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T397196"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166045"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized Inspection of Protected Variables in AbuseFilter",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53499",
"datePublished": "2025-07-07T18:33:12.173Z",
"dateReserved": "2025-06-30T15:36:41.720Z",
"dateUpdated": "2025-07-08T20:07:07.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53482 (GCVE-0-2025-53482)
Vulnerability from cvelistv5 – Published: 2025-07-04 16:01 – Updated: 2025-07-08 17:38
VLAI?
EPSS
Title
IPInfo: Message key XSS through several IPInfo messages in infobox and popup
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - IPInfo Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53482",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:45:21.632433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:38:20.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - IPInfo Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-04T16:01:46.252Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394393"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I66221bae94cf222531a7dc5622b2d43e01f7f8eb"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IPInfo: Message key XSS through several IPInfo messages in infobox and popup",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53482",
"datePublished": "2025-07-04T16:01:46.252Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-08T17:38:20.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49576 (GCVE-0-2025-49576)
Vulnerability from cvelistv5 – Published: 2025-06-12 18:50 – Updated: 2025-06-12 19:05
VLAI?
EPSS
Title
Citizen allows stored XSS in search no result messages
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= a0296afaedbe1a277337a2d8f1da83cb3a79b9ab, < 93c36ac778397e0e7c46cf7adb1e5d848265f1bd
Affected: >= 2.31.0, < 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49576",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T19:04:28.559437Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:05:48.122Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= a0296afaedbe1a277337a2d8f1da83cb3a79b9ab, \u003c 93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"status": "affected",
"version": "\u003e= 2.31.0, \u003c 3.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The citizen-search-noresults-title and citizen-search-noresults-desc system messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T18:50:55.931Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-86xf-2mgp-gv3g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-86xf-2mgp-gv3g"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/a0296afaedbe1a277337a2d8f1da83cb3a79b9ab",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/a0296afaedbe1a277337a2d8f1da83cb3a79b9ab"
}
],
"source": {
"advisory": "GHSA-86xf-2mgp-gv3g",
"discovery": "UNKNOWN"
},
"title": "Citizen allows stored XSS in search no result messages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49576",
"datePublished": "2025-06-12T18:50:55.931Z",
"dateReserved": "2025-06-06T15:44:21.555Z",
"dateUpdated": "2025-06-12T19:05:48.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53492 (GCVE-0-2025-53492)
Vulnerability from cvelistv5 – Published: 2025-07-02 14:41 – Updated: 2025-07-10 23:32
VLAI?
EPSS
Title
Stored XSS in MintyDocs
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - MintyDocs Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T15:41:34.178924Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T15:43:47.253Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - MintyDocs Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MintyDocs Extension allows Stored XSS.This issue affects Mediawiki - MintyDocs Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:32:08.878Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T395737"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MintyDocs/+/1152771"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in MintyDocs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53492",
"datePublished": "2025-07-02T14:41:52.046Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:32:08.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53370 (GCVE-0-2025-53370)
Vulnerability from cvelistv5 – Published: 2025-07-03 19:45 – Updated: 2025-07-07 19:01
VLAI?
EPSS
Title
Citizen stored XSS vulnerability through short descriptions
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 3.4.0.
Severity ?
8.6 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= 65a7ffd927467c8c3557146d1ac6de62b0369b6c, < c85a40bddc8651fff66df83a72debddcb34f0521
Affected: >= 1.9.4, < 3.4.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53370",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T18:57:59.452214Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:01:01.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 65a7ffd927467c8c3557146d1ac6de62b0369b6c, \u003c c85a40bddc8651fff66df83a72debddcb34f0521"
},
{
"status": "affected",
"version": "\u003e= 1.9.4, \u003c 3.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 3.4.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T19:45:32.163Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-prmv-7r8c-794g",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-prmv-7r8c-794g"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/c85a40bddc8651fff66df83a72debddcb34f0521",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/c85a40bddc8651fff66df83a72debddcb34f0521"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases/tag/v3.4.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases/tag/v3.4.0"
}
],
"source": {
"advisory": "GHSA-prmv-7r8c-794g",
"discovery": "UNKNOWN"
},
"title": "Citizen stored XSS vulnerability through short descriptions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53370",
"datePublished": "2025-07-03T19:45:32.163Z",
"dateReserved": "2025-06-27T12:57:16.121Z",
"dateUpdated": "2025-07-07T19:01:01.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6926 (GCVE-0-2025-6926)
Vulnerability from cvelistv5 – Published: 2025-07-03 16:23 – Updated: 2025-11-03 20:07
VLAI?
EPSS
Title
Security Authentication Bypass in CentralAuth
Summary
Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
8.8 (High)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - CentralAuth Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
Credits
Tgr
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-6926",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T17:40:14.857430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T17:41:44.046Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:07:17.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - CentralAuth Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tgr"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.\u003cp\u003eThis issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki - CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-178",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-178: Bypass Authentication"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:37:08.753Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T389010"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1165117"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Security Authentication Bypass in CentralAuth",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-6926",
"datePublished": "2025-07-03T16:23:56.503Z",
"dateReserved": "2025-06-30T14:28:12.256Z",
"dateUpdated": "2025-11-03T20:07:17.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-49578 (GCVE-0-2025-49578)
Vulnerability from cvelistv5 – Published: 2025-06-12 18:50 – Updated: 2025-06-12 19:12
VLAI?
EPSS
Title
Citizen allows stored XSS in user registration date message
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= 64cb5d7ab3a6dc0381fae54b31e8fc4afadc8beb, < 93c36ac778397e0e7c46cf7adb1e5d848265f1bd
Affected: >= 3.3.0, < 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49578",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T19:11:37.150490Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:12:17.575Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 64cb5d7ab3a6dc0381fae54b31e8fc4afadc8beb, \u003c 93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"status": "affected",
"version": "\u003e= 3.3.0, \u003c 3.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various date messages returned by `Language::userDate` are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T18:50:49.300Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-2v3v-3whp-953h",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-2v3v-3whp-953h"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/64cb5d7ab3a6dc0381fae54b31e8fc4afadc8beb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/64cb5d7ab3a6dc0381fae54b31e8fc4afadc8beb"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
}
],
"source": {
"advisory": "GHSA-2v3v-3whp-953h",
"discovery": "UNKNOWN"
},
"title": "Citizen allows stored XSS in user registration date message"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49578",
"datePublished": "2025-06-12T18:50:49.300Z",
"dateReserved": "2025-06-06T15:44:21.555Z",
"dateUpdated": "2025-06-12T19:12:17.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53501 (GCVE-0-2025-53501)
Vulnerability from cvelistv5 – Published: 2025-07-03 16:15 – Updated: 2025-07-10 23:37
VLAI?
EPSS
Title
Content Access Bypass in Scribunto
Summary
Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
8.8 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - Scribunto Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
Credits
Leo768
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T17:51:23.495536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T17:51:43.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - Scribunto Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Leo768"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.\u003cp\u003eThis issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-118",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-118: Accessing Functionality Not Properly Constrained by Authorization"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:37:33.152Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T397524"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Scribunto/+/1164541"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Content Access Bypass in Scribunto",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53501",
"datePublished": "2025-07-03T16:15:52.588Z",
"dateReserved": "2025-06-30T15:36:41.721Z",
"dateUpdated": "2025-07-10T23:37:33.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53481 (GCVE-0-2025-53481)
Vulnerability from cvelistv5 – Published: 2025-07-04 15:47 – Updated: 2025-07-08 17:38
VLAI?
EPSS
Title
Denial of service vector on ipinfo/v0/norevision
Summary
Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Excessive Allocation.This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - IPInfo Extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53481",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:45:29.563037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:38:27.242Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - IPInfo Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Excessive Allocation.\u003cp\u003eThis issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Uncontrolled Resource Consumption vulnerability in Wikimedia Foundation Mediawiki - IPInfo Extension allows Excessive Allocation.This issue affects Mediawiki - IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-04T15:47:46.299Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T392976"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I474b7a1b3bc1e7597fee0826a18a0cf042359f0f"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I08a7154f8fa08bb6f0940e522075bdc2a3d4433f"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of service vector on ipinfo/v0/norevision",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53481",
"datePublished": "2025-07-04T15:47:46.299Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-08T17:38:27.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-43861 (GCVE-0-2025-43861)
Vulnerability from cvelistv5 – Published: 2025-04-24 20:49 – Updated: 2025-04-25 19:32
VLAI?
EPSS
Title
ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection
Summary
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the "Review Changes" dialog, the payload will be rendered and executed in the context of their own session. This issue has been patched in commit 2f177dc.
Severity ?
4.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| miraheze | ManageWiki |
Affected:
< 2f177dc
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-43861",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T19:31:56.539838Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T19:32:14.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ManageWiki",
"vendor": "miraheze",
"versions": [
{
"status": "affected",
"version": "\u003c 2f177dc"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in the review dialog. A logged-in attacker must change a form field to include a malicious payload. If that same user then opens the \"Review Changes\" dialog, the payload will be rendered and executed in the context of their own session. This issue has been patched in commit 2f177dc."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-24T20:49:57.692Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-859x-46h8-vcrv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-859x-46h8-vcrv"
},
{
"name": "https://github.com/miraheze/ManageWiki/commit/2f177dc83b28b727613215b835d4036cb179e4ab",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/miraheze/ManageWiki/commit/2f177dc83b28b727613215b835d4036cb179e4ab"
}
],
"source": {
"advisory": "GHSA-859x-46h8-vcrv",
"discovery": "UNKNOWN"
},
"title": "ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-43861",
"datePublished": "2025-04-24T20:49:57.692Z",
"dateReserved": "2025-04-17T20:07:08.556Z",
"dateUpdated": "2025-04-25T19:32:14.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53486 (GCVE-0-2025-53486)
Vulnerability from cvelistv5 – Published: 2025-07-07 15:07 – Updated: 2025-07-07 19:15
VLAI?
EPSS
Title
WikiCategoryTagCloud: Reflected Cross-Site Scripting (XSS) via linkstyle attribute in parser function
Summary
The WikiCategoryTagCloud extension is vulnerable to reflected XSS via the linkstyle attribute, which is improperly concatenated into inline HTML without escaping. An attacker can inject JavaScript event handlers such as onmouseenter using carefully crafted input via the {{#tag:tagcloud}} parser function, resulting in arbitrary JavaScript execution when a victim hovers over a link in the category cloud.
The vulnerability exists because the linkstyle parameter is only passed through Sanitizer::checkCss() (which does not escape HTML) and is then directly inserted into a style attribute using string concatenation instead of Html::element or Html::openElement.
This issue affects Mediawiki - WikiCategoryTagCloud extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - WikiCategoryTagCloud extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53486",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:13:04.719962Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:15:02.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - WikiCategoryTagCloud extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe WikiCategoryTagCloud extension is vulnerable to reflected XSS via the linkstyle attribute, which is improperly concatenated into inline HTML without escaping. An attacker can inject JavaScript event handlers such as onmouseenter using carefully crafted input via the {{#tag:tagcloud}} parser function, resulting in arbitrary JavaScript execution when a victim hovers over a link in the category cloud.\u003cbr\u003e\u003c/p\u003e\n\n\u003cp\u003eThe vulnerability exists because the linkstyle parameter is only passed through Sanitizer::checkCss() (which does not escape HTML) and is then directly inserted into a style attribute using string concatenation instead of Html::element or Html::openElement.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - WikiCategoryTagCloud extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The WikiCategoryTagCloud extension is vulnerable to reflected XSS via the linkstyle attribute, which is improperly concatenated into inline HTML without escaping. An attacker can inject JavaScript event handlers such as onmouseenter using carefully crafted input via the {{#tag:tagcloud}} parser function, resulting in arbitrary JavaScript execution when a victim hovers over a link in the category cloud.\n\n\n\n\nThe vulnerability exists because the linkstyle parameter is only passed through Sanitizer::checkCss() (which does not escape HTML) and is then directly inserted into a style attribute using string concatenation instead of Html::element or Html::openElement.\n\n\n\n\nThis issue affects Mediawiki - WikiCategoryTagCloud extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T15:07:44.875Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394590"
},
{
"url": "https://gerrit.wikimedia.org/r/q/Idd68cf2372aedd916687d30b1bd09ebb48fcfd17"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "WikiCategoryTagCloud: Reflected Cross-Site Scripting (XSS) via linkstyle attribute in parser function",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53486",
"datePublished": "2025-07-07T15:07:44.875Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-07T19:15:02.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53478 (GCVE-0-2025-53478)
Vulnerability from cvelistv5 – Published: 2025-07-07 18:16 – Updated: 2025-07-07 20:49
VLAI?
EPSS
Title
CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate via unsanitized i18n messages
Summary
The CheckUser extension’s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the “IPs and User agents” tab.
This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - CheckUser extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T20:49:04.401865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T20:49:34.393Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - CheckUser extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe CheckUser extension\u2019s Special:Investigate interface is vulnerable to \u003cb\u003ereflected XSS\u003c/b\u003e due to improper escaping of certain internationalized system messages rendered on the \u201cIPs and User agents\u201d tab.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The CheckUser extension\u2019s Special:Investigate interface is vulnerable to reflected XSS due to improper escaping of certain internationalized system messages rendered on the \u201cIPs and User agents\u201d tab.\n\n\n\n\nThis issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T18:16:33.919Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394692"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I3a1e21b6800ff4d813a33ee9fe9b7ccf070b6b2e"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate via unsanitized i18n messages",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53478",
"datePublished": "2025-07-07T18:16:33.919Z",
"dateReserved": "2025-06-30T15:20:44.461Z",
"dateUpdated": "2025-07-07T20:49:34.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53489 (GCVE-0-2025-53489)
Vulnerability from cvelistv5 – Published: 2025-07-03 16:06 – Updated: 2025-07-10 23:33
VLAI?
EPSS
Title
XSS in GoogleDocs4MW
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - GoogleDocs4MW Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - GoogleDocs4MW Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.6 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - GoogleDocs4MW Extension |
Affected:
1.42.x , < 1.42.7
(semver)
Affected: 1.43.x , < 1.43.2 (semver) |
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T17:57:10.981383Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T17:57:49.811Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - GoogleDocs4MW Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - GoogleDocs4MW Extension allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Mediawiki - GoogleDocs4MW Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - GoogleDocs4MW Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - GoogleDocs4MW Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:33:42.049Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T395949"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GoogleDocs4MW/+/1155269"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XSS in GoogleDocs4MW",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53489",
"datePublished": "2025-07-03T16:06:46.491Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:33:42.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49575 (GCVE-0-2025-49575)
Vulnerability from cvelistv5 – Published: 2025-06-12 18:45 – Updated: 2025-06-12 18:58
VLAI?
EPSS
Title
Citizen allows stored XSS in Command Palette tip messages
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= 4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5, < 93c36ac778397e0e7c46cf7adb1e5d848265f1bd
Affected: >= 3.2.0, < 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49575",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T18:57:54.285326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T18:58:25.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5, \u003c 93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"status": "affected",
"version": "\u003e= 3.2.0, \u003c 3.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T18:50:35.436Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-4c2h-67qq-vm87"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/4fa69e1d062dca7e407cc0530cf1da3e2baaf0b5"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
}
],
"source": {
"advisory": "GHSA-4c2h-67qq-vm87",
"discovery": "UNKNOWN"
},
"title": "Citizen allows stored XSS in Command Palette tip messages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49575",
"datePublished": "2025-06-12T18:45:23.363Z",
"dateReserved": "2025-06-06T15:44:21.555Z",
"dateUpdated": "2025-06-12T18:58:25.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53495 (GCVE-0-2025-53495)
Vulnerability from cvelistv5 – Published: 2025-07-07 18:30 – Updated: 2025-07-08 20:06
VLAI?
EPSS
Title
Unauthorized Disclosure of IP Reputation in AbuseFilter
Summary
Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.
Severity ?
9.1 (Critical)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - AbuseFilter Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
Dreamy Jazz
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53495",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T14:33:26.281744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:36:10.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - AbuseFilter Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dreamy Jazz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.\u003cp\u003eThis issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Unauthorized Access"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T20:06:40.733Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T396750"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166040"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthorized Disclosure of IP Reputation in AbuseFilter",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53495",
"datePublished": "2025-07-07T18:30:31.465Z",
"dateReserved": "2025-06-30T15:36:34.120Z",
"dateUpdated": "2025-07-08T20:06:40.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53490 (GCVE-0-2025-53490)
Vulnerability from cvelistv5 – Published: 2025-07-03 16:04 – Updated: 2025-07-10 23:33
VLAI?
EPSS
Title
Multiple XSS in CampaignEvents
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2.
Severity ?
5.6 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - CampaignEvents Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
Daimona
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53490",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T17:47:47.571234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T17:48:06.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - CampaignEvents Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Daimona"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:33:01.924Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T395622"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CampaignEvents/+/1165949"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Multiple XSS in CampaignEvents",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53490",
"datePublished": "2025-07-03T16:04:05.491Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:33:01.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53488 (GCVE-0-2025-53488)
Vulnerability from cvelistv5 – Published: 2025-07-07 18:44 – Updated: 2025-07-10 23:34
VLAI?
EPSS
Title
Stored XSS in WikiHiero
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension allows Stored XSS.This issue affects Mediawiki - WikiHiero Extension: from 1.43.X before 1.43.2.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - WikiHiero Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53488",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T15:31:15.917535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:35:43.873Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://phabricator.wikimedia.org/T396524"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - WikiHiero Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - WikiHiero Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - WikiHiero Extension allows Stored XSS.This issue affects Mediawiki - WikiHiero Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:34:04.537Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T396524"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/wikihiero/+/1166018"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in WikiHiero",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53488",
"datePublished": "2025-07-07T18:44:40.031Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:34:04.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53502 (GCVE-0-2025-53502)
Vulnerability from cvelistv5 – Published: 2025-07-03 16:11 – Updated: 2025-07-10 23:37
VLAI?
EPSS
Title
HTML injection in FeaturedFeeds
Summary
Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X.
Severity ?
6.5 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - FeaturedFeeds Extension |
Affected:
1.39.x
(semver)
Affected: 1.42.x (semver) Affected: 1.43.x (semver) |
Credits
Legoktm
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T17:54:09.990520Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T17:55:11.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - FeaturedFeeds Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Legoktm"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:37:56.408Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T392279"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/FeaturedFeeds/+/1149742"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTML injection in FeaturedFeeds",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53502",
"datePublished": "2025-07-03T16:11:07.054Z",
"dateReserved": "2025-06-30T15:36:41.721Z",
"dateUpdated": "2025-07-10T23:37:56.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7362 (GCVE-0-2025-7362)
Vulnerability from cvelistv5 – Published: 2025-07-08 17:22 – Updated: 2025-07-10 13:19
VLAI?
EPSS
Title
MsUpload: Stored Cross-Site Scripting (XSS) via unsanitized msu-continue system message
Summary
The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.
This issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - MsUpload extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-7362",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T13:19:17.654293Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T13:19:38.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://phabricator.wikimedia.org/T394864"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - MsUpload extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.\n\n\n\n\nThis issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:22:35.364Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394864"
},
{
"url": "https://gerrit.wikimedia.org/r/q/Icf4c0a5a936926ea887ca2e48c3a7bd297201d9f"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "MsUpload: Stored Cross-Site Scripting (XSS) via unsanitized msu-continue system message",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-7362",
"datePublished": "2025-07-08T17:22:35.364Z",
"dateReserved": "2025-07-08T17:18:05.309Z",
"dateUpdated": "2025-07-10T13:19:38.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53496 (GCVE-0-2025-53496)
Vulnerability from cvelistv5 – Published: 2025-07-07 19:12 – Updated: 2025-07-31 17:28
VLAI?
EPSS
Title
Stored XSS in MediaSearch
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - MediaSearch Extension allows Stored XSS.This issue affects Mediawiki - MediaSearch Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - MediaSearch Extension |
Affected:
1.42.x , < 1.42.7
(semver)
Affected: 1.43.x , < 1.43.2 (semver) |
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T20:57:21.674910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-31T17:28:53.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - MediaSearch Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MediaSearch Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - MediaSearch Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - MediaSearch Extension allows Stored XSS.This issue affects Mediawiki - MediaSearch Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T19:37:01.518Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T396946"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/MediaSearch/+/1166030"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in MediaSearch",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53496",
"datePublished": "2025-07-07T19:12:46.564Z",
"dateReserved": "2025-06-30T15:36:34.120Z",
"dateUpdated": "2025-07-31T17:28:53.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32956 (GCVE-0-2025-32956)
Vulnerability from cvelistv5 – Published: 2025-04-21 20:45 – Updated: 2025-05-12 15:40
VLAI?
EPSS
Title
ManageWiki has SQL injection vulnerability in NamespaceMigrationJob
Summary
ManageWiki is a MediaWiki extension allowing users to manage wikis. Versions before commit f504ed8, are vulnerable to SQL injection when renaming a namespace in Special:ManageWiki/namespaces when using a page prefix (namespace name, which is the current namespace you are renaming) with an injection payload. This issue has been patched in commit f504ed8. A workaround for this vulnerability involves setting `$wgManageWiki['namespaces'] = false;`.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| miraheze | ManageWiki |
Affected:
< f504ed8
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32956",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T13:37:16.343745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T13:37:53.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-05-12T15:40:28.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-32956-detect-mediawiki-vulnerability"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2025-32956-mitigate-mediawiki-vulnerability"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "ManageWiki",
"vendor": "miraheze",
"versions": [
{
"status": "affected",
"version": "\u003c f504ed8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ManageWiki is a MediaWiki extension allowing users to manage wikis. Versions before commit f504ed8, are vulnerable to SQL injection when renaming a namespace in Special:ManageWiki/namespaces when using a page prefix (namespace name, which is the current namespace you are renaming) with an injection payload. This issue has been patched in commit f504ed8. A workaround for this vulnerability involves setting `$wgManageWiki[\u0027namespaces\u0027] = false;`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T20:45:49.523Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-gg42-cv66-f5x7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-gg42-cv66-f5x7"
},
{
"name": "https://github.com/miraheze/ManageWiki/commit/f504ed8eeb59b57ebb90f93cd44f23da4c5bc4c9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/miraheze/ManageWiki/commit/f504ed8eeb59b57ebb90f93cd44f23da4c5bc4c9"
}
],
"source": {
"advisory": "GHSA-gg42-cv66-f5x7",
"discovery": "UNKNOWN"
},
"title": "ManageWiki has SQL injection vulnerability in NamespaceMigrationJob"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32956",
"datePublished": "2025-04-21T20:45:49.523Z",
"dateReserved": "2025-04-14T21:47:11.452Z",
"dateUpdated": "2025-05-12T15:40:28.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53483 (GCVE-0-2025-53483)
Vulnerability from cvelistv5 – Published: 2025-07-04 17:28 – Updated: 2025-07-08 17:38
VLAI?
EPSS
Title
SecurePoll: Multiple admin actions vulnerable to Cross-Site Request Forgery
Summary
ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site.
This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
8.8 (High)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - SecurePoll extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53483",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:45:12.056089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:38:14.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - SecurePoll extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site.\n\n\n\n\nThis issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-04T17:42:47.575Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T392341"
},
{
"url": "https://gerrit.wikimedia.org/r/1149618"
},
{
"url": "https://gerrit.wikimedia.org/r/1149664"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SecurePoll: Multiple admin actions vulnerable to Cross-Site Request Forgery",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53483",
"datePublished": "2025-07-04T17:28:40.374Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-08T17:38:14.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53484 (GCVE-0-2025-53484)
Vulnerability from cvelistv5 – Published: 2025-07-04 17:34 – Updated: 2025-07-08 17:38
VLAI?
EPSS
Title
SecurePoll: Multiple locations vulnerable to Cross-Site Scripting (XSS) via unescaped input
Summary
User-controlled inputs are improperly escaped in:
*
VotePage.php (poll option input)
*
ResultPage::getPagesTab() and getErrorsTab() (user-controllable page names)
This allows attackers to inject JavaScript and compromise user sessions under certain conditions.
This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
9.8 (Critical)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - SecurePoll extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53484",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:45:03.712194Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T17:38:09.511Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - SecurePoll extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUser-controlled inputs are improperly escaped in:\u003c/p\u003e\n\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\n\u003cp\u003eVotePage.php (poll option input)\u003c/p\u003e\n\u003c/li\u003e\u003cli\u003e\n\u003cp\u003eResultPage::getPagesTab() and getErrorsTab() (user-controllable page names)\u003c/p\u003e\n\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\n\u003cp\u003eThis allows attackers to inject JavaScript and compromise user sessions under certain conditions.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "User-controlled inputs are improperly escaped in:\n\n\n\n\n * \nVotePage.php (poll option input)\n\n\n\n * \nResultPage::getPagesTab() and getErrorsTab() (user-controllable page names)\n\n\n\n\n\n\n\n\n\n\n\n\nThis allows attackers to inject JavaScript and compromise user sessions under certain conditions.\n\n\n\n\nThis issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-04T17:43:51.693Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T392341"
},
{
"url": "https://gerrit.wikimedia.org/r/1149669"
},
{
"url": "https://gerrit.wikimedia.org/r/1149655"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SecurePoll: Multiple locations vulnerable to Cross-Site Scripting (XSS) via unescaped input",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53484",
"datePublished": "2025-07-04T17:34:24.470Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-08T17:38:09.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53368 (GCVE-0-2025-53368)
Vulnerability from cvelistv5 – Published: 2025-07-03 19:34 – Updated: 2025-07-03 19:50
VLAI?
EPSS
Title
Citizen is vulnerable to stored XSS attack in the legacy search bar
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert cross-site scripting (XSS) payloads into the DOM for other users who are searching for specific pages. This issue has been patched in version 3.4.0.
Severity ?
8.6 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= 1.9.4, < 3.4.0
Affected: >= b2bd79196db1153d0bc1bd51a646d957cbdf4aec, < aedbceb3380bb48db6b59e272fc187529c71c8ca |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53368",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T19:50:31.799305Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T19:50:44.553Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.9.4, \u003c 3.4.0"
},
{
"status": "affected",
"version": "\u003e= b2bd79196db1153d0bc1bd51a646d957cbdf4aec, \u003c aedbceb3380bb48db6b59e272fc187529c71c8ca"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert cross-site scripting (XSS) payloads into the DOM for other users who are searching for specific pages. This issue has been patched in version 3.4.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T19:34:50.057Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-rq6g-6g94-jfr4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-rq6g-6g94-jfr4"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/aedbceb3380bb48db6b59e272fc187529c71c8ca",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/aedbceb3380bb48db6b59e272fc187529c71c8ca"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases/tag/v3.4.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/releases/tag/v3.4.0"
}
],
"source": {
"advisory": "GHSA-rq6g-6g94-jfr4",
"discovery": "UNKNOWN"
},
"title": "Citizen is vulnerable to stored XSS attack in the legacy search bar"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53368",
"datePublished": "2025-07-03T19:34:50.057Z",
"dateReserved": "2025-06-27T12:57:16.121Z",
"dateUpdated": "2025-07-03T19:50:44.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53497 (GCVE-0-2025-53497)
Vulnerability from cvelistv5 – Published: 2025-07-07 16:28 – Updated: 2025-07-10 23:30
VLAI?
EPSS
Title
Stored XSS in RelatedArticles
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - RelatedArticles Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53497",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T20:42:14.876089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T20:46:30.045Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - RelatedArticles Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - RelatedArticles Extension allows Stored XSS.This issue affects Mediawiki - RelatedArticles Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:30:32.976Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T396413"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/RelatedArticles/+/1166024"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in RelatedArticles",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53497",
"datePublished": "2025-07-07T16:28:49.827Z",
"dateReserved": "2025-06-30T15:36:34.120Z",
"dateUpdated": "2025-07-10T23:30:32.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49577 (GCVE-0-2025-49577)
Vulnerability from cvelistv5 – Published: 2025-06-12 18:45 – Updated: 2025-06-12 19:01
VLAI?
EPSS
Title
Citizen allows stored XSS in preference menu headings
Summary
Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1.
Severity ?
6.5 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-skins-Citizen |
Affected:
>= a741639085d70c22a9f49890542a142a223bf981, < 93c36ac778397e0e7c46cf7adb1e5d848265f1bd
Affected: >= 2.13.0, < 3.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49577",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T19:00:36.428990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:01:58.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-skins-Citizen",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= a741639085d70c22a9f49890542a142a223bf981, \u003c 93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"status": "affected",
"version": "\u003e= 2.13.0, \u003c 3.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Various preferences messages are inserted into raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This vulnerability is fixed in 3.3.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T18:45:18.415Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jwr7-992g-68mh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/security/advisories/GHSA-jwr7-992g-68mh"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/93c36ac778397e0e7c46cf7adb1e5d848265f1bd"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/a741639085d70c22a9f49890542a142a223bf981",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-skins-Citizen/commit/a741639085d70c22a9f49890542a142a223bf981"
}
],
"source": {
"advisory": "GHSA-jwr7-992g-68mh",
"discovery": "UNKNOWN"
},
"title": "Citizen allows stored XSS in preference menu headings"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49577",
"datePublished": "2025-06-12T18:45:18.415Z",
"dateReserved": "2025-06-06T15:44:21.555Z",
"dateUpdated": "2025-06-12T19:01:58.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-7056 (GCVE-0-2025-7056)
Vulnerability from cvelistv5 – Published: 2025-07-07 13:57 – Updated: 2025-07-10 23:28
VLAI?
EPSS
Title
Stored XSS in UrlShortener
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.This issue affects Mediawiki - UrlShortener Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
6.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - UrlShortener Extension |
Affected:
1.42.x , < 1.42.7
(semver)
Affected: 1.43.x , < 1.43.2 (semver) |
Credits
SomeRandomDeveloper
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-7056",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T14:41:21.613910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T14:42:48.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - UrlShortener Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SomeRandomDeveloper"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - UrlShortener Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.This issue affects Mediawiki - UrlShortener Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:28:45.730Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394869"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/UrlShortener/+/1166268"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored XSS in UrlShortener",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-7056",
"datePublished": "2025-07-07T13:57:25.974Z",
"dateReserved": "2025-07-03T22:11:34.450Z",
"dateUpdated": "2025-07-10T23:28:45.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53487 (GCVE-0-2025-53487)
Vulnerability from cvelistv5 – Published: 2025-07-07 15:13 – Updated: 2025-07-07 19:16
VLAI?
EPSS
Title
ApprovedRevs: Stored Cross-Site Scripting (XSS) via unsanitized system messages
Summary
The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message keys to be rendered unescaped.
This issue affects Mediawiki - ApprovedRevs extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - ApprovedRevs extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53487",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:15:46.401420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:16:14.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - ApprovedRevs extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe ApprovedRevs extension for MediaWiki is vulnerable to \u003cb\u003estored XSS\u003c/b\u003e in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message keys to be rendered unescaped.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - ApprovedRevs extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message keys to be rendered unescaped.\n\n\n\n\nThis issue affects Mediawiki - ApprovedRevs extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T15:13:38.574Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394383"
},
{
"url": "https://gerrit.wikimedia.org/r/q/Ifcab085111e7898da485a5e2ae287fee4e6d167b"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "ApprovedRevs: Stored Cross-Site Scripting (XSS) via unsanitized system messages",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53487",
"datePublished": "2025-07-07T15:13:38.574Z",
"dateReserved": "2025-06-30T15:20:44.462Z",
"dateUpdated": "2025-07-07T19:16:14.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53369 (GCVE-0-2025-53369)
Vulnerability from cvelistv5 – Published: 2025-07-03 19:57 – Updated: 2025-07-03 20:11
VLAI?
EPSS
Title
Citizen Short Description stored XSS vulnerability through wikitext
Summary
Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 4.0.1.
Severity ?
8.6 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| StarCitizenTools | mediawiki-extensions-ShortDescription |
Affected:
>= 05f6c6824f8f37dcc2d51cf6df4e7a09bea2196c, < 2c18bd21c5de53c336f55b6ff42f2983ea5796b4
Affected: >= 4.0.0, < 4.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53369",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T20:10:48.115990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T20:11:01.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "mediawiki-extensions-ShortDescription",
"vendor": "StarCitizenTools",
"versions": [
{
"status": "affected",
"version": "\u003e= 05f6c6824f8f37dcc2d51cf6df4e7a09bea2196c, \u003c 2c18bd21c5de53c336f55b6ff42f2983ea5796b4"
},
{
"status": "affected",
"version": "\u003e= 4.0.0, \u003c 4.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Short Description is a MediaWiki extension that provides local short description support. In version 4.0.0, short descriptions are not properly sanitized before being inserted as HTML using mw.util.addSubtitle, allowing any user to insert arbitrary HTML into the DOM by editing a page. This issue has been patched in version 4.0.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T19:57:55.147Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-ShortDescription/security/advisories/GHSA-p85q-mww9-gwqf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-ShortDescription/security/advisories/GHSA-p85q-mww9-gwqf"
},
{
"name": "https://github.com/StarCitizenTools/mediawiki-extensions-ShortDescription/commit/bc4fdbaeb1dff127fb6d08c0d385b64aa128c8f8",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/StarCitizenTools/mediawiki-extensions-ShortDescription/commit/bc4fdbaeb1dff127fb6d08c0d385b64aa128c8f8"
}
],
"source": {
"advisory": "GHSA-p85q-mww9-gwqf",
"discovery": "UNKNOWN"
},
"title": "Citizen Short Description stored XSS vulnerability through wikitext"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53369",
"datePublished": "2025-07-03T19:57:55.147Z",
"dateReserved": "2025-06-27T12:57:16.121Z",
"dateUpdated": "2025-07-03T20:11:01.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53491 (GCVE-0-2025-53491)
Vulnerability from cvelistv5 – Published: 2025-07-07 16:17 – Updated: 2025-07-10 23:32
VLAI?
EPSS
Title
XSS in FlaggedRevs
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - FlaggedRevs Extension |
Affected:
1.43.x , < 1.43.2
(semver)
|
Credits
Dreamy_Jazz
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T19:18:49.222039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T19:19:14.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - FlaggedRevs Extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dreamy_Jazz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting (XSS).\u003cp\u003eThis issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - FlaggedRevs Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FlaggedRevs Extension: from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T23:32:35.484Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394397"
},
{
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/FlaggedRevs/+/1165929"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XSS in FlaggedRevs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53491",
"datePublished": "2025-07-07T16:17:29.771Z",
"dateReserved": "2025-06-30T15:36:34.119Z",
"dateUpdated": "2025-07-10T23:32:35.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-32964 (GCVE-0-2025-32964)
Vulnerability from cvelistv5 – Published: 2025-04-22 17:15 – Updated: 2025-04-22 17:35
VLAI?
EPSS
Title
ManageWiki vulnerable to permission bypass when disabling extensions requiring certain permissions in Special:ManageWiki/extensions
Summary
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions.
Severity ?
4.6 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| miraheze | ManageWiki |
Affected:
< 00bebea
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32964",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T17:35:26.566312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T17:35:37.926Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ManageWiki",
"vendor": "miraheze",
"versions": [
{
"status": "affected",
"version": "\u003c 00bebea"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T17:15:03.200Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-ccrf-x5rp-gppr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/miraheze/ManageWiki/security/advisories/GHSA-ccrf-x5rp-gppr"
},
{
"name": "https://github.com/miraheze/ManageWiki/commit/00bebea43a3e3ff0157b5f04df17c1d1e88a9acd",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/miraheze/ManageWiki/commit/00bebea43a3e3ff0157b5f04df17c1d1e88a9acd"
}
],
"source": {
"advisory": "GHSA-ccrf-x5rp-gppr",
"discovery": "UNKNOWN"
},
"title": "ManageWiki vulnerable to permission bypass when disabling extensions requiring certain permissions in Special:ManageWiki/extensions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-32964",
"datePublished": "2025-04-22T17:15:03.200Z",
"dateReserved": "2025-04-14T21:47:11.453Z",
"dateUpdated": "2025-04-22T17:35:37.926Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53480 (GCVE-0-2025-53480)
Vulnerability from cvelistv5 – Published: 2025-07-08 14:58 – Updated: 2025-07-08 20:44
VLAI?
EPSS
Title
CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages
Summary
The CheckUser extension’s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders affected message keys.
This issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Wikimedia Foundation | Mediawiki - CheckUser extension |
Affected:
1.39.x , < 1.39.13
(semver)
Affected: 1.42.x , < 1.42.7 (semver) Affected: 1.43.x , < 1.43.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-53480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T20:44:35.609306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T20:44:54.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mediawiki - CheckUser extension",
"vendor": "Wikimedia Foundation",
"versions": [
{
"lessThan": "1.39.13",
"status": "affected",
"version": "1.39.x",
"versionType": "semver"
},
{
"lessThan": "1.42.7",
"status": "affected",
"version": "1.42.x",
"versionType": "semver"
},
{
"lessThan": "1.43.2",
"status": "affected",
"version": "1.43.x",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe CheckUser extension\u2019s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders affected message keys.\u003c/p\u003e\n\n\n\u003cp\u003eThis issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.\u003c/p\u003e"
}
],
"value": "The CheckUser extension\u2019s Special:Investigate page has a vulnerability in the Account information tab, where specific internationalized messages are rendered without proper escaping. Attackers can exploit this by appending ?uselang=x-xss to the URL, causing reflected XSS when the UI renders affected message keys.\n\n\n\n\nThis issue affects Mediawiki - CheckUser extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:58:37.544Z",
"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"shortName": "wikimedia-foundation"
},
"references": [
{
"url": "https://phabricator.wikimedia.org/T394700"
},
{
"url": "https://gerrit.wikimedia.org/r/q/I777fc55fef15c3b00df0db268af2b64cb2d6e381"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
"assignerShortName": "wikimedia-foundation",
"cveId": "CVE-2025-53480",
"datePublished": "2025-07-08T14:58:37.544Z",
"dateReserved": "2025-06-30T15:20:44.461Z",
"dateUpdated": "2025-07-08T20:44:54.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…