PT-2025-42687 · Unknown · Mediawiki Securepoll Extension

Somerandomdeveloper

·

Published

2025-10-18

·

Updated

2025-10-18

·

CVE-2025-11937

CVSS v4.0
6.9
VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
Name of the Vulnerable Software and Affected Versions Mediawiki - SecurePoll Extension versions prior to master.
Description The Mediawiki - SecurePoll Extension contains a flaw related to improper input handling during web page generation, potentially leading to Stored Cross-site Scripting (XSS). This issue allows for the injection of malicious scripts into web pages. The vulnerability exists in the SecurePoll Extension.
Recommendations Update to a newer version of the Mediawiki - SecurePoll Extension than master.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-11937

Affected Products

Mediawiki Securepoll Extension