PT-2025-42859 · Mediawiki+1 · Mediawiki+1
Somerandomdeveloper
·
Published
2025-10-21
·
Updated
2025-10-21
·
CVE-2025-62695
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
Mediawiki - WikiLambda Extension versions prior to master.
Description
A flaw exists in the Mediawiki - WikiLambda Extension related to improper input neutralization during web page generation, leading to a Stored Cross-site Scripting (XSS) condition. This allows for the injection of malicious scripts into web pages. The vulnerability affects the master branch of the extension.
Recommendations
Update to a version of Mediawiki - WikiLambda Extension later than master.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mediawiki
Wikilambda Extension