CVE-2026-39837
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Car
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7.
MEDIUM · CVSS 5.4
EPSS 0.00033
Schedule remediation
- Public exploit or PoC is available
Sigma rules0
YARA rules0