CNNVD-202602-507 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-507
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Wikimedia MediaWiki是Wikimedia基金会的一个用于构建Wiki网站的Web应用。 Wikimedia MediaWiki 1.44.3之前版本和1.45.1之前版本存在安全漏洞,该漏洞源于resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js文件对输入中和不当,可能导致跨站脚本攻击。
Description (English)
Wikimedia MediaWiki is a Web application of the Wikimedia Foundation to construct the Wiki website. A security loophole existed in the previous version of WikimediaWiki 1.44.3 and the previous version of 1.45.1, which originated from the misalignment of the data/src/mediawiki.special.Apisandbox/ApiSandboxLayout.Js files, which could lead to cross-site script attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
维基媒体
Published
2026-02-03
Last Modified
2026-02-24
References
https://phabricator.wikimedia.org/T406639
Patch
https://www.mediawiki.org/wiki/Download
Share on: