GCVE - cpe:2.3:a:the_wikimedia_foundation:mediawiki_-_wikidata

Approved changes feed: RSS · Atom

cpe:2.3:a:the_wikimedia_foundation:mediawiki_-_wikidata_extension:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	The Wikimedia Foundation (`dcdf6756-005f-5e7c-83d8-02490e2a2a68`)
Product	Mediawiki Wikidata Extension (`0334f600-e387-5810-a976-2dfb46555d2f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-32071`	vulnerable	2026-06-03 15:00:39.884630	Wikibase CommonsInlineImageFormatter: i18n XSS Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Wikidata Extension allows Cross-Site Scripting (XSS) from widthheight message via ImageHandler::getDimensionsString()This issue affects Mediawiki - Wikidata Extension: from 1.39 through 1.43. Published: 2025-04-11T16:19:46.163Z Updated: 2025-07-07T14:17:52.085Z Open on db.gcve.eu Reference links https://phabricator.wikimedia.org/T389369 https://gerrit.wikimedia.org/r/q/Iac1f1c27054bfd1a4a4251281ab8c72f59204a90	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.