Mediawiki · Mediawiki Webauthn Extension · CVE-2025-62652
**Name of the Vulnerable Software and Affected Versions**
MediaWiki WebAuthn extension versions 1.39, 1.43, and 1.44
**Description**
A flaw exists in the MediaWiki WebAuthn extension related to improper input handling during web page generation, leading to a Stored Cross-site Scripting issue. This allows for the injection of malicious scripts. The affected component is the WebAuthn extension.
**Recommendations**
Update to a newer version that contains a fix for this vulnerability.