Wikibase

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-22710 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in MediaWiki's Wikibase extension allows authenticated attackers to inject malicious scripts through improper input handling during page generation, affecting versions 1.39, 1.43, 1.44, and 1.45. Exploitation requires user interaction and results in limited confidentiality and integrity impact within the affected application context. A patch is available and public exploit code exists for this vulnerability.

Mediawiki XSS Wikibase

NVD

CVSS 3.1

5.4

EPSS

0.0%

CVE-2026-22710

EPSS 0% CVSS 5.4

MEDIUM POC PATCH This Month

Cross-site scripting (XSS) in MediaWiki's Wikibase extension allows authenticated attackers to inject malicious scripts through improper input handling during page generation, affecting versions 1.39, 1.43, 1.44, and 1.45. Exploitation requires user interaction and results in limited confidentiality and integrity impact within the affected application context. A patch is available and public exploit code exists for this vulnerability.

Mediawiki XSS Wikibase

NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy