Mediawiki

Checkuser

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-34090

  • EPSS 0.04%
  • Veröffentlicht 11.05.2026 16:17:30
  • Zuletzt bearbeitet 14.05.2026 16:42:57

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2.

4.3

CVE-2025-61658

  • EPSS 0.06%
  • Veröffentlicht 03.02.2026 02:16:08
  • Zuletzt bearbeitet 14.04.2026 14:47:54

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php. This issue affects CheckUser: from * before 1.43.4, 1.44.1.

8.8

CVE-2025-67478

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 02:16:08
  • Zuletzt bearbeitet 14.04.2026 14:08:48

Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.

6.1

CVE-2025-61651

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 02:16:07
  • Zuletzt bearbeitet 09.04.2026 20:33:09

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser/checkuser/checkUserHelper/buildUser...

6.1

CVE-2025-61648

  • EPSS 0.04%
  • Veröffentlicht 03.02.2026 01:15:58
  • Zuletzt bearbeitet 09.04.2026 20:33:17

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/ShowIPButto...

5.3

CVE-2019-16529

  • EPSS 0.18%
  • Veröffentlicht 19.03.2020 23:15:18
  • Zuletzt bearbeitet 21.11.2024 04:30:46

An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model.

6.5

CVE-2019-18611

  • EPSS 0.34%
  • Veröffentlicht 29.10.2019 19:15:19
  • Zuletzt bearbeitet 21.11.2024 04:33:21

An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially visible to users with various levels of access to this...

6.8

CVE-2015-2940

  • EPSS 0.3%
  • Veröffentlicht 13.04.2015 14:59:13
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors.