Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-67477

Опубликовано: 03 фев. 2026
Источник: debian

Описание

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mediawikifixed1:1.43.6+dfsg-1package
mediawikifixed1:1.43.6+dfsg-1~deb13u1trixiepackage
mediawikinot-affectedbookwormpackage
mediawikinot-affectedbullseyepackage

Примечания

  • https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/FOY6VXTBCCHIGYGSTQBPN3UFCL6CAX6Y/

  • https://phabricator.wikimedia.org/T406639

  • https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217332 (master)

  • https://gerrit.wikimedia.org/r/c/mediawiki/core/+/1217295 (REL1_43)

Связанные уязвимости

ubuntu логотип

CVE-2025-67477

ubuntu
2 месяца назад

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.

redhat логотип

CVE-2025-67477

CVSS3: 4.8
redhat
2 месяца назад

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.

nvd логотип

CVE-2025-67477

nvd
2 месяца назад

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.

github логотип

GHSA-p9cm-3vjx-2fr4

github
2 месяца назад

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1.