GCVE - cpe:2.3:a:wikimedia_foundation:mediawiki_-_campaignevents

Approved changes feed: RSS · Atom

cpe:2.3:a:wikimedia_foundation:mediawiki_-_campaignevents_extension:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Wikimedia Foundation (`f7943c01-50f6-53ec-b645-b355c8f75e02`)
Product	Mediawiki Campaignevents Extension (`10208935-a2be-5a57-baf6-79b7fbcd7e9e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-0817`	vulnerable	2026-06-03 15:14:42.907336	CampaignEvents API missing authorization exposes meeting and chat URLs Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39. Published: 2026-01-09T15:50:50.616Z Updated: 2026-01-09T17:37:36.036Z Open on db.gcve.eu Reference links https://phabricator.wikimedia.org/T410560 https://gerrit.wikimedia.org/r/q/I7ed0049691258c8bd2555e599b9b88490fbe3358	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-53490`	vulnerable	2026-06-03 15:03:54.154250	Multiple XSS in CampaignEvents Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2. Published: 2025-07-03T16:04:05.491Z Updated: 2025-07-10T23:33:01.924Z Open on db.gcve.eu Reference links https://phabricator.wikimedia.org/T395622 https://gerrit.wikimedia.org/r/c/mediawiki/extensions/CampaignEvents/+/1165949	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.