Nixpkgs security tracker
Untriaged
Permalink
CVE-2025-6591
4.7 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): NONE
- Availability impact (A): NONE
Activity log
- Created suggestion
HTML injection in API action=feedcontributions output from i18n message
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0.
References
Affected products
MediaWiki
- <1.39.13, 1.42.7 1.43.2, 1.44.0
Package maintainers
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@gshipunov Grigory Shipunov <blame@oxapentane.com>
-
@astro Astro <astro@spaceboyz.net>
-
@tanneberger Tassilo Tanneberger <revol-xut@protonmail.com>