CVE-2025-61642

Medium CVSS: 6.1

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/CodexHTMLForm.Php, includes/htmlform/fields/HTMLButtonField.Php.

This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.

Vendor

Mediawiki

Product

Mediawiki

CWE

CWE-79

Yayın Tarihi

2026-02-03 00:16:10

Güncelleme

2026-03-25 14:00:27

Source Identifier

c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

KEV Date Added

Kategoriler

CWE-79 Mediawiki MEDIUM Mediawiki 2026

Referanslar

https://phabricator.wikimedia.org/T402313

Benzer Kayıtlar

Medium

CVE-2025-61645

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F…

Low

CVE-2025-61646

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/RecentChan…

Medium

CVE-2025-11261

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F…

Low

CVE-2025-61641

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiQue…

Low

CVE-2025-61643

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchan…

Medium

CVE-2025-61636

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F…