CVE-2025-67475
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/CommentFormatter/CommentParser.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.
MEDIUM · CVSS 6.1
EPSS 9e-05
Schedule remediation
- SSVC automatable: yes - attacks can be scripted at scale
Sigma rules0
YARA rules0