Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Mediawiki |
|
| Wmde-fisch |
|
Configuration 1 [-]
| AND |
|
No data.
References
History
Tue, 30 Sep 2025 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mediawiki
Mediawiki mediawiki Wmde-fisch Wmde-fisch twocolconflict |
|
| CPEs | cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:* cpe:2.3:a:wmde-fisch:twocolconflict:*:*:*:*:*:mediawiki:*:* |
|
| Vendors & Products |
Mediawiki
Mediawiki mediawiki Wmde-fisch Wmde-fisch twocolconflict |
Wed, 02 Jul 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 02 Jul 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS.This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. | |
| Title | Stored XSS in TwoColConflict | |
| Weaknesses | CWE-79 | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: wikimedia-foundation
Published: 2025-07-02T14:24:54.021Z
Updated: 2025-07-10T23:31:13.659Z
Reserved: 2025-06-30T15:36:34.119Z
Link: CVE-2025-53494
Vulnrichment
Updated: 2025-07-02T14:53:49.237Z
NVD
Status : Analyzed
Published: 2025-07-02T15:15:28.293
Modified: 2025-09-30T20:33:53.157
Link: CVE-2025-53494
Redhat
No data.