CNNVD-202602-190 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-190
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
MediaWiki是美国维基媒体(Wikimedia)基金会的一套自由免费的基于网络的Wiki引擎。该产品可用于部署内部的知识管理和内容管理系统。 MediaWiki 1.39.14之前版本、1.43.4之前版本和1.44.1之前版本存在安全漏洞,该漏洞源于程序文件includes/Rest/Handler/PageHTMLHandler.Php存在问题。
Description (English)
MediaWiki is a free, free, web-based Wiki engine for the Wikimedia Foundation in the United States. The product can be used for the deployment of internal knowledge management and content management systems. There is a security loophole in the pre-MediaWiki, pre-1.43.4 and pre-1.44.1 versions, which stems from problems in the includes/Rest/handler/PageHTMLhandler.php.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
维基媒体
Published
2026-02-03
Last Modified
2026-02-24
References
https://phabricator.wikimedia.org/T387478
Patch
https://www.mediawiki.org/wiki/MediaWiki
Share on: