Yaron Koren

#20579of 53,639

12.4Total CVSS

Vulnerabilities · 2

Medium

2

Mediawiki · Cargo Extension · CVE-2026-39839

Name of the Vulnerable Software and Affected Versions Mediawiki - Cargo Extension versions prior to 3.8.7 Description A stored cross-site scripting (XSS) issue exists in the Mediawiki - Cargo Extension due to improper neutralization of script-related HTML tags. This allows for the execution of malicious scripts within the context of a user's browser. Recommendations Update Mediawiki - Cargo Extension to version 3.8.7 or later.

Unknown · Cargo Extension · CVE-2026-39840

Name of the Vulnerable Software and Affected Versions Mediawiki - Cargo Extension versions prior to 3.8.7 Description A cross-site scripting (XSS) issue exists in the Mediawiki - Cargo Extension. This allows for XSS attacks targeting non-script elements due to improper input neutralization during web page generation. Recommendations Update Mediawiki - Cargo Extension to version 3.8.7 or later.