PT-2025-42667 · Mediawiki · Mediawiki Quizgame
Somerandomdeveloper
·
Published
2025-10-17
·
Updated
2025-10-18
·
CVE-2025-62654
CVSS v4.0
2.0
Low
| Vector | AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Amber |
Name of the Vulnerable Software and Affected Versions
MediaWiki QuizGame extension versions 1.39, 1.43, and 1.44
Description
A flaw exists in the MediaWiki QuizGame extension related to improper input handling during web page generation, leading to a Stored Cross-site Scripting (XSS) condition. This allows for the injection of malicious scripts into web pages.
Recommendations
Update to a newer version of the MediaWiki QuizGame extension that contains a fix for this vulnerability.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mediawiki Quizgame