PT-2026-5738 · Wikimedia Foundation · Checkuser
Published
2026-02-03
·
Updated
2026-02-03
·
CVE-2025-61650
CVSS v4.0
1.1
Low
| Vector | AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
Name of the Vulnerable Software and Affected Versions
Wikimedia Foundation CheckUser versions prior to 795bf333272206a0189050d975e94b70eb7dc507
Description
The software contains an Improper Neutralization of Input During Web Page Generation issue, potentially leading to Cross-site Scripting (XSS). The issue is located in the
src/Services/CheckUserUserInfoCardService.Php program files.Recommendations
Update to version 795bf333272206a0189050d975e94b70eb7dc507 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Checkuser