CNNVD-202510-2446 Information

CNNVD ID

CNNVD-202510-2446

Related CVE

CVE-2025-62652

• CNNVD Published: 2025-10-17

Description (Chinese)

Mediawiki - WebAuthn Extension是Mediawiki开源的一个双因素认证插件。 Mediawiki - WebAuthn Extension 1.39版本、1.43版本和1.44版本存在安全漏洞，该漏洞源于网页生成期间输入中和不当，可能导致存储型跨站脚本攻击。

Description (English)

Mediawiki - WebAutn Extension is a two-factor authentication plugin for Mediawiki open source. There is a security loophole between Mediawiki - WebAutn Extension Version 1.39, 1.43 and 1.44, which stems from inappropriate input during web page generation and may result in a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

维基媒体

Published

2025-10-17

Last Modified

2026-02-24

References

https://phabricator.wikimedia.org/T403093 https://access.redhat.com/security/cve/cve-2025-62652

Patch

https://phabricator.wikimedia.org/T403093