Vulnerability-Lookup

WID-SEC-W-2026-1043

Vulnerability from csaf_certbund - Published: 2026-04-09 22:00 - Updated: 2026-04-09 22:00

Summary

MediaWiki Erweiterungen: Mehrere Schwachstellen ermöglichen Cross-Site Scripting

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: MediaWiki ist ein freies Wiki, das ursprünglich für den Einsatz auf Wikipedia entwickelt wurde.

Angriff: Ein Angreifer kann mehrere Schwachstellen in MediaWiki Extensions ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX - Windows

CVE-2026-22711

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-30977

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39837

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39838

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39839

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39840

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39841

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39933

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39934

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39935

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39936

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-39937

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

CVE-2026-5762

Affected products

Known affected 11 products

Product	Identifier	Version
Open Source MediaWiki GrowthExperiments Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:growthexperiments_extension`	GrowthExperiments Extension
Open Source MediaWiki CampaignEvents Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:campaignevents_extension`	CampaignEvents Extension
Open Source MediaWiki ReportIncident Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:reportincident__extension`	ReportIncident Extension
Open Source MediaWiki ProofreadPage Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:proofreadpage_extension`	ProofreadPage Extension
Open Source MediaWiki Cargo Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:cargo_extension`	Cargo Extension
Open Source MediaWiki <1.45.2 Open Source / MediaWiki		<1.45.2
Open Source MediaWiki Wikilove Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:wikilove_extension`	Wikilove Extension
Open Source MediaWiki Score Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:score_extension`	Score Extension
Open Source MediaWiki <1.43.7 Open Source / MediaWiki		<1.43.7
Open Source MediaWiki CentralAuth Extension Open Source / MediaWiki	`cpe:/a:mediawiki:mediawiki:centralauth__extension`	CentralAuth Extension
Open Source MediaWiki <1.44.4 Open Source / MediaWiki		<1.44.4

References

16 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://lists.wikimedia.org/hyperkitty/list/media…	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19851	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19889	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19891	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19897	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19927	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19929	external
https://github.com/advisories/GHSA-8m8x-w498-p4wx	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19931	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19976	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19978	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19980	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19982	external
https://euvd.enisa.europa.eu/enisa/EUVD-2026-19984	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "MediaWiki ist ein freies Wiki, das urspr\u00fcnglich f\u00fcr den Einsatz auf Wikipedia entwickelt wurde.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in MediaWiki Extensions ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-1043 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1043.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-1043 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1043"
      },
      {
        "category": "external",
        "summary": "MediaWiki Extensions and Skins Security Release Supplement (1.43.7/1.44.4/1.45.2) vom 2026-04-09",
        "url": "https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/VXEYKT6FNA5NYFPAYU67SNTNBXLTQ4FN/"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19851 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19851"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19889 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19889"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19891 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19891"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19897 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19897"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19927 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19927"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19929 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19929"
      },
      {
        "category": "external",
        "summary": "GitHub Security Advisory GHSA-8m8x-w498-p4wx vom 2026-04-09",
        "url": "https://github.com/advisories/GHSA-8m8x-w498-p4wx"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19931 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19931"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19976 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19976"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19978 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19978"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19980 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19980"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19982 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19982"
      },
      {
        "category": "external",
        "summary": "EU Vulnerability Database EUVD-2026-19984 vom 2026-04-09",
        "url": "https://euvd.enisa.europa.eu/enisa/EUVD-2026-19984"
      }
    ],
    "source_lang": "en-US",
    "title": "MediaWiki Erweiterungen: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
    "tracking": {
      "current_release_date": "2026-04-09T22:00:00.000+00:00",
      "generator": {
        "date": "2026-04-10T09:09:08.024+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-1043",
      "initial_release_date": "2026-04-09T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-04-09T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c1.43.7",
                "product": {
                  "name": "Open Source MediaWiki \u003c1.43.7",
                  "product_id": "T052630"
                }
              },
              {
                "category": "product_version",
                "name": "1.43.7",
                "product": {
                  "name": "Open Source MediaWiki 1.43.7",
                  "product_id": "T052630-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:1.43.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.44.4",
                "product": {
                  "name": "Open Source MediaWiki \u003c1.44.4",
                  "product_id": "T052631"
                }
              },
              {
                "category": "product_version",
                "name": "1.44.4",
                "product": {
                  "name": "Open Source MediaWiki 1.44.4",
                  "product_id": "T052631-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:1.44.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c1.45.2",
                "product": {
                  "name": "Open Source MediaWiki \u003c1.45.2",
                  "product_id": "T052632"
                }
              },
              {
                "category": "product_version",
                "name": "1.45.2",
                "product": {
                  "name": "Open Source MediaWiki 1.45.2",
                  "product_id": "T052632-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:1.45.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Wikilove Extension",
                "product": {
                  "name": "Open Source MediaWiki Wikilove Extension",
                  "product_id": "T052633",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:wikilove_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ProofreadPage Extension",
                "product": {
                  "name": "Open Source MediaWiki ProofreadPage Extension",
                  "product_id": "T052634",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:proofreadpage_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Cargo Extension",
                "product": {
                  "name": "Open Source MediaWiki Cargo Extension",
                  "product_id": "T052635",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:cargo_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ReportIncident  Extension",
                "product": {
                  "name": "Open Source MediaWiki ReportIncident  Extension",
                  "product_id": "T052636",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:reportincident__extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "GrowthExperiments Extension",
                "product": {
                  "name": "Open Source MediaWiki GrowthExperiments Extension",
                  "product_id": "T052638",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:growthexperiments_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "CampaignEvents Extension",
                "product": {
                  "name": "Open Source MediaWiki CampaignEvents Extension",
                  "product_id": "T052639",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:campaignevents_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Score Extension",
                "product": {
                  "name": "Open Source MediaWiki Score Extension",
                  "product_id": "T052641",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:score_extension"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "CentralAuth  Extension",
                "product": {
                  "name": "Open Source MediaWiki CentralAuth  Extension",
                  "product_id": "T052642",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:mediawiki:mediawiki:centralauth__extension"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "MediaWiki"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-22711",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-22711"
    },
    {
      "cve": "CVE-2026-30977",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-30977"
    },
    {
      "cve": "CVE-2026-39837",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39837"
    },
    {
      "cve": "CVE-2026-39838",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39838"
    },
    {
      "cve": "CVE-2026-39839",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39839"
    },
    {
      "cve": "CVE-2026-39840",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39840"
    },
    {
      "cve": "CVE-2026-39841",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39841"
    },
    {
      "cve": "CVE-2026-39933",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39933"
    },
    {
      "cve": "CVE-2026-39934",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39934"
    },
    {
      "cve": "CVE-2026-39935",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39935"
    },
    {
      "cve": "CVE-2026-39936",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39936"
    },
    {
      "cve": "CVE-2026-39937",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-39937"
    },
    {
      "cve": "CVE-2026-5762",
      "product_status": {
        "known_affected": [
          "T052638",
          "T052639",
          "T052636",
          "T052634",
          "T052635",
          "T052632",
          "T052633",
          "T052641",
          "T052630",
          "T052642",
          "T052631"
        ]
      },
      "release_date": "2026-04-09T22:00:00.000+00:00",
      "title": "CVE-2026-5762"
    }
  ]
}

CVE-2026-22711 (GCVE-0-2026-22711)

Vulnerability from cvelistv5 – Published: 2026-04-07 18:39 – Updated: 2026-04-08 22:02

Title

Stored XSS through system messages in WikiLove

Summary

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting (XSS).The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-87 - Improper neutralization of alternate XSS syntax

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T416502
https://gerrit.wikimedia.org/r/q/Iab86209478a0445…

Impacted products

1 product

Vendor	Product	Version
The Wikimedia Foundation	Mediawiki - Wikilove Extension	Unaffected: 1.43 Unaffected: 1.44 Unaffected: 1.45 Affected: 0 , < 1.43 (custom)

Credits

SomeRandomDeveloper

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-22711",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T20:34:51.173753Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T20:42:44.089Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Mediawiki - Wikilove Extension",
          "vendor": "The Wikimedia Foundation",
          "versions": [
            {
              "status": "unaffected",
              "version": "1.43"
            },
            {
              "status": "unaffected",
              "version": "1.44"
            },
            {
              "status": "unaffected",
              "version": "1.45"
            },
            {
              "lessThan": "1.43",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "SomeRandomDeveloper"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting (XSS).\u003cp\u003eThe issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting (XSS).The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63 Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-87",
              "description": "CWE-87 Improper neutralization of alternate XSS syntax",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T22:02:16.476Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T416502"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/q/Iab86209478a044504f5a6aea0d8c3d14f21c48b3"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stored XSS through system messages in WikiLove",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-22711",
    "datePublished": "2026-04-07T18:39:37.410Z",
    "dateReserved": "2026-01-08T23:23:42.385Z",
    "dateUpdated": "2026-04-08T22:02:16.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-30977 (GCVE-0-2026-30977)

Vulnerability from cvelistv5 – Published: 2026-03-10 17:40 – Updated: 2026-03-11 14:18

Title

RenderBlocking has Stored XSS in renderblocking-css with Inline Assets mode

Summary

RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. Prior to 0.1.1, there is Stored XSS in renderblocking-css with Inline Assets mode. $wgRenderBlockingInlineAssets = true and editsitecss user rights are required. This vulnerability is fixed in 0.1.1.

Severity

2 (Low)


                        
                          CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/lihaohong6/RenderBlocking/secu…	x_refsource_CONFIRM
https://github.com/lihaohong6/RenderBlocking/comm…	x_refsource_MISC
https://github.com/lihaohong6/RenderBlocking/rele…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
lihaohong6	RenderBlocking	Affected: < 0.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-30977",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-11T14:18:23.151930Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-11T14:18:37.430Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RenderBlocking",
          "vendor": "lihaohong6",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. Prior to 0.1.1, there is Stored XSS in renderblocking-css with Inline Assets mode. $wgRenderBlockingInlineAssets = true and editsitecss user rights are required. This vulnerability is fixed in 0.1.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 2,
            "baseSeverity": "LOW",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-10T17:40:38.098Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/lihaohong6/RenderBlocking/security/advisories/GHSA-4h5r-8rjm-496r",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/lihaohong6/RenderBlocking/security/advisories/GHSA-4h5r-8rjm-496r"
        },
        {
          "name": "https://github.com/lihaohong6/RenderBlocking/commit/096fc47dad9dca153b02cba3db81f412c87fb2be",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/lihaohong6/RenderBlocking/commit/096fc47dad9dca153b02cba3db81f412c87fb2be"
        },
        {
          "name": "https://github.com/lihaohong6/RenderBlocking/releases/tag/v0.1.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/lihaohong6/RenderBlocking/releases/tag/v0.1.1"
        }
      ],
      "source": {
        "advisory": "GHSA-4h5r-8rjm-496r",
        "discovery": "UNKNOWN"
      },
      "title": "RenderBlocking has Stored XSS in renderblocking-css with Inline Assets mode"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-30977",
    "datePublished": "2026-03-10T17:40:38.098Z",
    "dateReserved": "2026-03-07T17:53:48.816Z",
    "dateUpdated": "2026-03-11T14:18:37.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39837 (GCVE-0-2026-39837)

Vulnerability from cvelistv5 – Published: 2026-04-07 19:47 – Updated: 2026-04-07 20:42

Title

Stored XSS through the dynamic table format in Cargo

Summary

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.

Severity

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-80 - Improper neutralization of Script-Related HTML tags in a web page (basic XSS)

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T416402
https://gerrit.wikimedia.org/r/c/mediawiki/extens…

Impacted products

1 product

Vendor	Product	Version
Wikimedia Foundation	Mediawiki - Cargo Extension	Affected: 0 , < 3.8.7 (custom)

Credits

SomeRandomDeveloper

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39837",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T20:32:17.194038Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T20:42:42.016Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mediawiki - Cargo Extension",
          "vendor": "Wikimedia Foundation",
          "versions": [
            {
              "lessThan": "3.8.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "SomeRandomDeveloper"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - Cargo Extension: before 3.8.7.\u003c/p\u003e"
            }
          ],
          "value": "Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-592",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-592 Stored XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80 Improper neutralization of Script-Related HTML tags in a web page (basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-07T20:01:09.925Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T416402"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/1237979"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stored XSS through the dynamic table format in Cargo",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39837",
    "datePublished": "2026-04-07T19:47:18.207Z",
    "dateReserved": "2026-04-07T18:21:12.572Z",
    "dateUpdated": "2026-04-07T20:42:42.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39838 (GCVE-0-2026-39838)

Vulnerability from cvelistv5 – Published: 2026-04-07 19:17 – Updated: 2026-04-08 18:48

Title

ProofreadPage improperly sanitizes multiline styles using Sanitizer::checkCSS

Summary

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements. The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T406088
https://gerrit.wikimedia.org/r/q/Idd51e18479b32b7…

Impacted products

1 product

Vendor	Product	Version
Wikimedia Foundation	MediaWiki - ProofreadPage Extension	Affected: 0 , < 1.43 (custom) Unaffected: 1.43 Unaffected: 1.44 Unaffected: 1.45

Credits

SomeRandomDeveloper

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39838",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T20:33:20.274715Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T20:42:43.371Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MediaWiki - ProofreadPage Extension",
          "vendor": "Wikimedia Foundation",
          "versions": [
            {
              "lessThan": "1.43",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.43"
            },
            {
              "status": "unaffected",
              "version": "1.44"
            },
            {
              "status": "unaffected",
              "version": "1.45"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "SomeRandomDeveloper"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements.\u003cdiv\u003e\u003cbr\u003e\u003cp\u003eThe issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.\u003c/p\u003e\u003c/div\u003e"
            }
          ],
          "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements.\nThe issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-18",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-18 XSS Targeting Non-Script Elements"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T18:48:41.035Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T406088"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/q/Idd51e18479b32b7176b43ff74ca1c49d6bdd0628"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "ProofreadPage improperly sanitizes multiline styles using Sanitizer::checkCSS",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39838",
    "datePublished": "2026-04-07T19:17:51.638Z",
    "dateReserved": "2026-04-07T18:21:12.573Z",
    "dateUpdated": "2026-04-08T18:48:41.035Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39839 (GCVE-0-2026-39839)

Vulnerability from cvelistv5 – Published: 2026-04-07 19:29 – Updated: 2026-04-07 20:42

Title

Stored XSS through URLs in Cargo's map format

Summary

Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.

Severity

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-80 - Improper neutralization of Script-Related HTML tags in a web page (basic XSS)

Assigner

wikimedia-foundation

References

3 references

URL	Tags
https://phabricator.wikimedia.org/T416271
https://gerrit.wikimedia.org/r/c/mediawiki/extens…
https://gerrit.wikimedia.org/r/c/mediawiki/extens…

Impacted products

1 product

Vendor	Product	Version
Wikimedia Foundation	Mediawiki - Cargo Extension	Affected: 0 , < 3.8.7 (custom)

Credits

SomeRandomDeveloper Yaron Koren

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39839",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T20:33:07.914530Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T20:42:43.130Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mediawiki - Cargo Extension",
          "vendor": "Wikimedia Foundation",
          "versions": [
            {
              "lessThan": "3.8.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "SomeRandomDeveloper"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Yaron Koren"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - Cargo Extension: before 3.8.7.\u003c/p\u003e"
            }
          ],
          "value": "Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-592",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-592 Stored XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80 Improper neutralization of Script-Related HTML tags in a web page (basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-07T20:00:43.611Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T416271"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/1237957"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/1237977"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stored XSS through URLs in Cargo\u0027s map format",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39839",
    "datePublished": "2026-04-07T19:29:11.025Z",
    "dateReserved": "2026-04-07T18:21:12.573Z",
    "dateUpdated": "2026-04-07T20:42:43.130Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39840 (GCVE-0-2026-39840)

Vulnerability from cvelistv5 – Published: 2026-04-07 19:35 – Updated: 2026-04-07 20:42

Title

CSS injection in multiple Cargo display formats

Summary

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7.

Severity

5.1 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T416368
https://gerrit.wikimedia.org/r/c/mediawiki/extens…

Impacted products

1 product

Vendor	Product	Version
Wikimedia Foundation	Mediawiki - Cargo Extension	Affected: 0 , < 3.8.7 (custom)

Credits

SomeRandomDeveloper Yaron Koren

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39840",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T20:32:58.690563Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T20:42:42.943Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mediawiki - Cargo Extension",
          "vendor": "Wikimedia Foundation",
          "versions": [
            {
              "lessThan": "3.8.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "SomeRandomDeveloper"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Yaron Koren"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.\u003cp\u003eThis issue affects Mediawiki - Cargo Extension: before 3.8.7.\u003c/p\u003e"
            }
          ],
          "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-18",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-18 XSS Targeting Non-Script Elements"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-07T20:01:41.636Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T416368"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/1237966"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "CSS injection in multiple Cargo display formats",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39840",
    "datePublished": "2026-04-07T19:35:36.153Z",
    "dateReserved": "2026-04-07T18:21:12.573Z",
    "dateUpdated": "2026-04-07T20:42:42.943Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39841 (GCVE-0-2026-39841)

Vulnerability from cvelistv5 – Published: 2026-04-07 19:43 – Updated: 2026-04-07 20:42

Title

Stored XSS through list fields on Cargo's page values and Special:CargoTables

Summary

Severity

6.3 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-80 - Improper neutralization of Script-Related HTML tags in a web page (basic XSS)

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T416389
https://gerrit.wikimedia.org/r/c/mediawiki/extens…

Impacted products

1 product

Vendor	Product	Version
Wikimedia Foundation	Mediawiki - Cargo Extension	Affected: 0 , < 3.8.7 (custom)

Credits

Alex44019

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39841",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-07T20:32:32.993981Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-07T20:42:42.588Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mediawiki - Cargo Extension",
          "vendor": "Wikimedia Foundation",
          "versions": [
            {
              "lessThan": "3.8.7",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Alex44019"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.\u003cp\u003eThis issue affects Mediawiki - Cargo Extension: before 3.8.7.\u003c/p\u003e"
            }
          ],
          "value": "Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-592",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-592 Stored XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80 Improper neutralization of Script-Related HTML tags in a web page (basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-07T20:01:29.127Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T416389"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/1237973"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Stored XSS through list fields on Cargo\u0027s page values and Special:CargoTables",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39841",
    "datePublished": "2026-04-07T19:43:48.096Z",
    "dateReserved": "2026-04-07T18:21:12.573Z",
    "dateUpdated": "2026-04-07T20:42:42.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39933 (GCVE-0-2026-39933)

Vulnerability from cvelistv5 – Published: 2026-04-07 21:51 – Updated: 2026-04-08 22:00

Title

Multiple XSS vulnerabilities in GlobalWatchlist

Summary

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting (XSS). The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T418179
https://gerrit.wikimedia.org/r/q/I1fc7b7e1d234b0a…

Impacted products

1 product

Vendor	Product	Version
The Wikimedia Foundation	Mediawiki - GlobalWatchlist Extension	Unaffected: 1.43 Unaffected: 1.44 Unaffected: 1.45 Affected: 0 , < 1.43 (custom)

Credits

SomeRandomDeveloper

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39933",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-08T15:21:55.998757Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-08T15:22:06.029Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Mediawiki - GlobalWatchlist Extension",
          "vendor": "The Wikimedia Foundation",
          "versions": [
            {
              "status": "unaffected",
              "version": "1.43"
            },
            {
              "status": "unaffected",
              "version": "1.44"
            },
            {
              "status": "unaffected",
              "version": "1.45"
            },
            {
              "lessThan": "1.43",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "SomeRandomDeveloper"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting (XSS). The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in The Wikimedia Foundation Mediawiki - GlobalWatchlist Extension allows Cross-Site Scripting (XSS). The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63 Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T22:00:59.635Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T418179"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/q/I1fc7b7e1d234b0aaf9f7d782a65da1451577587e"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Multiple XSS vulnerabilities in GlobalWatchlist",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39933",
    "datePublished": "2026-04-07T21:51:55.476Z",
    "dateReserved": "2026-04-07T21:25:36.589Z",
    "dateUpdated": "2026-04-08T22:00:59.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39934 (GCVE-0-2026-39934)

Vulnerability from cvelistv5 – Published: 2026-04-07 22:00 – Updated: 2026-04-08 22:04

Title

Growth Experiments ReassignMenteesJob runs as an infinite loop

Summary

Loop with unreachable exit condition ('infinite loop') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue was remediated only on the `master` branch.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-835 - Loop with unreachable exit condition ('infinite loop')

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T418222
https://gerrit.wikimedia.org/r/c/1243874

Impacted products

1 product

Vendor	Product	Version
The Wikimedia Foundation	Mediawiki - GrowthExperiments Extension	Affected: 1.45 Affected: 1.44 Affected: 1.43 Affected: 0 , < 1.43 (custom)

Credits

Urbanecm_WMF Michael

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39934",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-08T15:20:23.112186Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-08T15:20:39.477Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Mediawiki - GrowthExperiments Extension",
          "vendor": "The Wikimedia Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "1.45"
            },
            {
              "status": "affected",
              "version": "1.44"
            },
            {
              "status": "affected",
              "version": "1.43"
            },
            {
              "lessThan": "1.43",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Urbanecm_WMF"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Michael"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Loop with unreachable exit condition (\u0027infinite loop\u0027) vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue was remediated only on the `master` branch."
            }
          ],
          "value": "Loop with unreachable exit condition (\u0027infinite loop\u0027) vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue was remediated only on the `master` branch."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-29",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "CWE-835 Loop with unreachable exit condition (\u0027infinite loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T22:04:41.006Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T418222"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/1243874"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Growth Experiments ReassignMenteesJob runs as an infinite loop",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39934",
    "datePublished": "2026-04-07T22:00:46.100Z",
    "dateReserved": "2026-04-07T21:25:36.589Z",
    "dateUpdated": "2026-04-08T22:04:41.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-39935 (GCVE-0-2026-39935)

Vulnerability from cvelistv5 – Published: 2026-04-07 22:04 – Updated: 2026-04-08 22:06

Title

XSS-via-i18n in localised wiki names

Summary

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS). This issue was remediated only on the `master` branch.

Severity

6.9 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

SSVC

Exploitation: none Automatable: yes Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-79 - Improper neutralization of input during web page generation ('cross-site scripting')

Assigner

wikimedia-foundation

References

2 references

URL	Tags
https://phabricator.wikimedia.org/T418254
https://gerrit.wikimedia.org/r/c/1249320

Impacted products

1 product

Vendor	Product	Version
The Wikimedia Foundation	Mediawiki - CampaignEvents Extension	Affected: 1.43 Affected: 1.44 Affected: 1.45 Affected: 0 , < 1.43 (custom)

Credits

Daimona

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-39935",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-08T14:05:08.221177Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-08T14:05:53.360Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Mediawiki - CampaignEvents Extension",
          "vendor": "The Wikimedia Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "1.43"
            },
            {
              "status": "affected",
              "version": "1.44"
            },
            {
              "status": "affected",
              "version": "1.45"
            },
            {
              "lessThan": "1.43",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Daimona"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).\u0026nbsp;This issue was remediated only on the `master` branch."
            }
          ],
          "value": "Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027) vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).\u00a0This issue was remediated only on the `master` branch."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63 Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper neutralization of input during web page generation (\u0027cross-site scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T22:06:48.795Z",
        "orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
        "shortName": "wikimedia-foundation"
      },
      "references": [
        {
          "url": "https://phabricator.wikimedia.org/T418254"
        },
        {
          "url": "https://gerrit.wikimedia.org/r/c/1249320"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "XSS-via-i18n in localised wiki names",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc",
    "assignerShortName": "wikimedia-foundation",
    "cveId": "CVE-2026-39935",
    "datePublished": "2026-04-07T22:04:02.098Z",
    "dateReserved": "2026-04-07T21:25:36.589Z",
    "dateUpdated": "2026-04-08T22:06:48.795Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-1043

CVE-2026-22711 (GCVE-0-2026-22711)

CVE-2026-30977 (GCVE-0-2026-30977)

CVE-2026-39837 (GCVE-0-2026-39837)

CVE-2026-39838 (GCVE-0-2026-39838)

CVE-2026-39839 (GCVE-0-2026-39839)

CVE-2026-39840 (GCVE-0-2026-39840)

CVE-2026-39841 (GCVE-0-2026-39841)

CVE-2026-39933 (GCVE-0-2026-39933)

CVE-2026-39934 (GCVE-0-2026-39934)

CVE-2026-39935 (GCVE-0-2026-39935)

Tags

Sightings

Nomenclature