CVE-2025-11261

Medium CVSS: 6.1

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js.

This issue affects MediaWiki: from * before 1.39.15, 1.43.5, 1.44.2.

Vendor

Mediawiki

Product

Mediawiki

CWE

CWE-79

Yayın Tarihi

2026-02-03 01:15:57

Güncelleme

2026-03-25 13:46:32

Source Identifier

c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

KEV Date Added

Kategoriler

CWE-79 Mediawiki MEDIUM Mediawiki 2026

Referanslar

https://https://phabricator.wikimedia.org/T406322 https://phabricator.wikimedia.org/T402077

Benzer Kayıtlar

Medium

CVE-2025-61645

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F…

Low

CVE-2025-61646

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChan…

Low

CVE-2025-61641

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQue…

Medium

CVE-2025-61642

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F…

Low

CVE-2025-61643

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchan…

Medium

CVE-2025-61636

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F…