Mediawiki Proofreadpage Extension
Approved changes feed: RSS · Atom
cpe:2.3:a:wikimedia_foundation:mediawiki_-_proofreadpage_extension:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wikimedia Foundation (f7943c01-50f6-53ec-b645-b355c8f75e02) |
|---|---|
| Product | Mediawiki Proofreadpage Extension (57605cb0-3b13-5eb7-aa45-58aedb942d22) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-39838 |
vulnerable | 2026-06-03 15:22:13.168051 |
ProofreadPage improperly sanitizes multiline styles using Sanitizer::checkCSS
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements.
The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.
Published: 2026-04-07T19:17:51.638Z
Updated: 2026-04-08T18:48:41.035Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-0670 |
vulnerable | 2026-06-03 15:14:42.528114 |
Stored XSS through a system message and a user-provided parameter in ProofreadPage
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows Cross-Site Scripting (XSS).This issue affects MediaWiki - ProofreadPage Extension: 1.45, 1.44, 1.43, 1.39.
Published: 2026-01-07T18:55:42.559Z
Updated: 2026-01-07T19:25:36.796Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.