CNNVD-202602-499 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-499
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Wikimedia MediaWiki是Wikimedia基金会的一个用于构建Wiki网站的Web应用。 Wikimedia MediaWiki 1.43.6之前版本、1.44.3之前版本和1.45.1之前版本存在安全漏洞,该漏洞源于resources/src/mediawiki.Page.Preview.Js文件对输入中和不当,可能导致跨站脚本攻击。
Description (English)
Wikimedia MediaWiki is a Web application of the Wikimedia Foundation to construct the Wiki website. There is a security loophole in the pre-WikimediaWiki 1.43.6, pre-1.44.3 and pre-1.45.1 versions, which stems from the misalignment of the data/src/mediawiki.Page.Preview.Js documents, which may lead to cross-site script attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
维基媒体
Published
2026-02-03
Last Modified
2026-02-24
References
https://phabricator.wikimedia.org/T409226
Patch
https://www.mediawiki.org/wiki/Download
Share on: