CVE-2026-39935 - XSS-via-i18n in localised wiki names
CVE ID :CVE-2026-39935
Published : April 7, 2026, 11:16 p.m. | 1 hour, 52 minutes ago
Description :Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: 1.43.7, 1.44.4, 1.45.2.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : April 7, 2026, 11:16 p.m. | 1 hour, 52 minutes ago
Description :Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: 1.43.7, 1.44.4, 1.45.2.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...