6.9

CVSS4.0

CVE-2025-32078 - XSSes and potential RCE in Special:VersionCompare

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Version Compare Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Version Compare Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:24 p.m. ๐Ÿ”„ Last Modified: April 15, 2025, 6:39 p.m.

6.5

CVSS3.1

CVE-2025-32079 - Saving the right content to MediaWiki:GrowthMentors.json can take down the site

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments allows HTTP DoS.This issue affects Mediawiki - GrowthExperiments: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:24 p.m. ๐Ÿ”„ Last Modified: July 7, 2025, 3:15 p.m.

6.9

CVSS4.0

CVE-2025-32080 - Cross-origin data leak in mobilefrontend via lazy load images

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - Mobile Frontend Extension allows Shared Resource Manipulation.This issue affects Mediawiki - Mobile Frontend Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:24 p.m. ๐Ÿ”„ Last Modified: April 15, 2025, 6:39 p.m.

6.9

CVSS4.0

CVE-2025-32076 - Evil regex used to process user-provided data in VisualData

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Visual Data Extension allows HTTP DoS.This issue affects Mediawiki - Visual Data Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:23 p.m. ๐Ÿ”„ Last Modified: April 15, 2025, 6:39 p.m.

6.9

CVSS4.0

CVE-2025-32072 - HTML injection in feed output from i18n message

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:23 p.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 8:18 p.m.

5.4

CVSS3.1

CVE-2025-32073 - System message XSS in HTMLTags

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - HTML Tags allows Cross-Site Scripting (XSS).This issue affects Mediawiki - HTML Tags: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:22 p.m. ๐Ÿ”„ Last Modified: July 7, 2025, 2:15 p.m.

5.4

CVSS3.1

CVE-2025-32074 - XSSes in Extension:ConfirmAccount

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:22 p.m. ๐Ÿ”„ Last Modified: July 7, 2025, 3:15 p.m.

6.9

CVSS4.0

CVE-2025-32075 - IP and user agent leaks in Extension:Tabs

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Tabs Extension allows Code Injection.This issue affects Mediawiki - Tabs Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:21 p.m. ๐Ÿ”„ Last Modified: April 15, 2025, 6:39 p.m.

5.4

CVSS3.1

CVE-2025-32067 - i18n XSS vulnerability in message growthexperiments

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:21 p.m. ๐Ÿ”„ Last Modified: July 7, 2025, 3:15 p.m.

5.4

CVSS3.1

CVE-2025-32068 - Revoking authorization of OAuth2 consumer does not invalidate refresh tokens

Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension allows Authentication Bypass.This issue affects Mediawiki - OAuth Extension: from 1.39 through 1.43.

๐Ÿ“… Published: April 11, 2025, 4:21 p.m. ๐Ÿ”„ Last Modified: July 7, 2025, 3:15 p.m.
Total resulsts: 343970
Page 5381 of 34,397
ยซ previous page ยป next page
Filters