Proofread Page

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-0670 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in MediaWiki's ProofreadPage extension (versions 1.39, 1.43, 1.44, 1.45) allows attackers to inject malicious scripts through improper input sanitization during web page generation. Public exploit code exists for this vulnerability, which requires user interaction to trigger. A patch is available to remediate the issue.

Mediawiki XSS Proofread Page

NVD

CVSS 3.1

6.1

EPSS

0.0%

CVE-2026-0670

EPSS 0% CVSS 6.1

MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in MediaWiki's ProofreadPage extension (versions 1.39, 1.43, 1.44, 1.45) allows attackers to inject malicious scripts through improper input sanitization during web page generation. Public exploit code exists for this vulnerability, which requires user interaction to trigger. A patch is available to remediate the issue.

Mediawiki XSS Proofread Page

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy