CNNVD-202602-180 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-180
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
MediaWiki是美国维基媒体(Wikimedia)基金会的一套自由免费的基于网络的Wiki引擎。该产品可用于部署内部的知识管理和内容管理系统。 MediaWiki存在安全漏洞,该漏洞源于程序文件resources/src/mediawiki.Rcfilters/ui/WatchlistTopSectionWidget.Js存在输入中和不当,可能导致跨站脚本攻击。
Description (English)
MediaWiki is a free, free, web-based Wiki engine for the Wikimedia Foundation in the United States. The product can be used for the deployment of internal knowledge management and content management systems. MediaWiki has a security loophole, which stems from the fact that the program document is available/src/mediawiki.Rcfilters/ui/watchlistToptionWidget.Js is not well entered and may result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
维基媒体
Published
2026-02-03
Last Modified
2026-02-24
References
https://phabricator.wikimedia.org/T403411
Patch
https://phabricator.wikimedia.org/T403411
Share on: