Approved Revs

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-22712 MEDIUM POC PATCH This Month

Improper output encoding in MediaWiki's Approved Revs extension through magic word replacement allows unauthenticated attackers to manipulate input data and conduct content injection attacks. Affected versions 1.39, 1.43, 1.44, and 1.45 are vulnerable to this network-accessible flaw that requires user interaction, and public exploit code exists. A patch is available to remediate the vulnerability.

Mediawiki Approved Revs

NVD

CVSS 3.1

4.3

EPSS

0.0%

CVE-2026-22712

EPSS 0% CVSS 4.3

MEDIUM POC PATCH This Month

Improper output encoding in MediaWiki's Approved Revs extension through magic word replacement allows unauthenticated attackers to manipulate input data and conduct content injection attacks. Affected versions 1.39, 1.43, 1.44, and 1.45 are vulnerable to this network-accessible flaw that requires user interaction, and public exploit code exists. A patch is available to remediate the vulnerability.

Mediawiki Approved Revs

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy