Mediawiki

Mediawiki

378 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-61645

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 01:15:58
  • Zuletzt bearbeitet 06.03.2026 20:19:07

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects M...

4.8

CVE-2025-61636

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 00:16:09
  • Zuletzt bearbeitet 16.03.2026 18:35:47

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue...

4.8

CVE-2025-61637

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 00:16:09
  • Zuletzt bearbeitet 16.03.2026 18:35:15

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Prev...

4.8

CVE-2025-61638

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 00:16:09
  • Zuletzt bearbeitet 16.03.2026 18:34:13

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.P...

4.8

CVE-2025-61639

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 00:16:09
  • Zuletzt bearbeitet 16.03.2026 18:33:06

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, inclu...

4.8

CVE-2025-61640

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 00:16:09
  • Zuletzt bearbeitet 16.03.2026 18:32:27

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js...

3.1

CVE-2025-61634

  • EPSS 0.01%
  • Veröffentlicht 03.02.2026 00:16:08
  • Zuletzt bearbeitet 17.03.2026 15:22:47

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Rest/Handler/PageHTMLHandler.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.

6.1

CVE-2023-45361

  • EPSS 0.19%
  • Veröffentlicht 09.10.2024 06:15:13
  • Zuletzt bearbeitet 10.10.2024 12:51:56

An issue was discovered in VectorComponentUserLinks.php in the Vector Skin component in MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-intro-page MalformedTitleException is uncaught if it is not a valid title, leading to incorrect web pages...

5.3

CVE-2024-47913

Exploit
  • EPSS 0.69%
  • Veröffentlicht 04.10.2024 22:15:02
  • Zuletzt bearbeitet 17.06.2025 15:54:48

An issue was discovered in the AbuseFilter extension for MediaWiki before 1.39.9, 1.40.x and 1.41.x before 1.41.3, and 1.42.x before 1.42.2. An API caller can match a filter condition against AbuseFilter logs even if the caller is not authorized to v...

4.3

CVE-2024-40596

  • EPSS 0.15%
  • Veröffentlicht 07.07.2024 00:15:10
  • Zuletzt bearbeitet 18.03.2025 16:15:22

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. (TimelineService does not support properly suppressing.)