Mediawiki Growthexperiments Extension
Approved changes feed: RSS · Atom
cpe:2.3:a:the_wikimedia_foundation:mediawiki_-_growthexperiments_extension:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | The Wikimedia Foundation (dcdf6756-005f-5e7c-83d8-02490e2a2a68) |
|---|---|
| Product | Mediawiki Growthexperiments Extension (b74d0732-5a12-55cf-a86c-4b54dfa06135) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-39934 |
vulnerable | 2026-06-03 15:22:13.291616 |
Growth Experiments ReassignMenteesJob runs as an infinite loop
Loop with unreachable exit condition ('infinite loop') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue was remediated only on the `master` branch.
Published: 2026-04-07T22:00:46.100Z
Updated: 2026-04-08T22:04:41.006Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-22713 |
vulnerable | 2026-06-03 15:15:53.985386 |
Stored XSS through edit summaries in GrowthExperiments
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - GrowthExperiments Extension: 1.45, 1.44, 1.43, 1.39.
Published: 2026-01-09T00:00:57.596Z
Updated: 2026-01-09T19:17:27.530Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62668 |
vulnerable | 2026-06-03 15:09:34.924549 |
Insufficient permission checks in action=growthsetmentor
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Resource Leak Exposure.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39.
Published: 2025-10-18T04:39:28.390Z
Updated: 2025-10-20T16:27:08.378Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62667 |
vulnerable | 2026-06-03 15:09:34.924084 |
Stored XSS through article extracts in GrowthExperiments
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Stored XSS.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39.
Published: 2025-10-18T04:42:30.610Z
Updated: 2025-10-20T16:02:21.267Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.