CNNVD-202510-2523 Information

CNNVD ID

CNNVD-202510-2523

Related CVE

CVE-2025-62671

• CNNVD Published: 2025-10-18

Description (Chinese)

Mediawiki - Cargo Extension是Mediawiki开源的一个查询和存储数据的插件。 Mediawiki - Cargo Extension master版本存在安全漏洞，该漏洞源于网页生成期间输入中和不当，可能导致存储型跨站脚本攻击。

Description (English)

Mediawiki - Cargo Extension is a query and storage plugin for Mediawiki open source. There is a security loophole in the Mediawiki-Cargo Extension master version, which stems from the inaccuracy of the input during the web page generation, which could lead to a storage-type cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

维基媒体

Published

2025-10-18

Last Modified

2026-02-24

References

https://gerrit.wikimedia.org/r/1179707 https://phabricator.wikimedia.org/T402147 https://access.redhat.com/security/cve/cve-2025-62671

Patch

https://phabricator.wikimedia.org/T402147