Debian Mediawiki vulnerabilities

CVE-2025-67477 [NONE] CVE-2025-67477: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js. This issue affects MediaWiki: from * before 1.44.3, 1.45.1. Scope: local bookworm: resolved bullseye: resolve

CVE-2025-6595 [NONE] CVE-2025-6595: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0. Scope: local bookworm: resolved (fixed in 1:1.39.13-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u4) forky: resolved (fixed i

CVE-2025-67484 [NONE] CVE-2025-67484: mediawiki - Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associate... Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1. Scope: local bookworm: resolved (fixed in 1:1.39.17-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u6) forky: resolved (fixed in 1:1.43.6+dfsg-1) s

CVE-2025-3469 [NONE] CVE-2025-3469: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1. Scope: local bookworm: resolved (fixed in 1:1.39.12-1~deb12u1)

CVE-2025-32697 [NONE] CVE-2025-32697: mediawiki - Improper Preservation of Permissions vulnerability in Wikimedia Foundation Media... Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1. Scope: local bookworm: open bullseye: open fo

CVE-2025-32696 [NONE] CVE-2025-32696: mediawiki - Improper Preservation of Permissions vulnerability in Wikimedia Foundation Media... Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1. Scope: local bookworm: resolved (fixed in 1:1.39.12-1~deb12u1) bullseye: resolved (fixed in 1:1.35.

CVE-2025-67481 [NONE] CVE-2025-67481: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.JqueryMsg/mediawiki.JqueryMsg.Js. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1. Scope: local bookworm: resolved (fixed

CVE-2025-11173 [NONE] CVE-2025-11173: mediawiki - Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated... Vulnerability in Wikimedia Foundation OATHAuth. This vulnerability is associated with program files src/Special/OATHManage.Php. This issue affects OATHAuth: from * before 1.39.14, 1.43.4, 1.44.1. Scope: local bookworm: resolved (fixed in 1:1.39.17-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u5) forky: resolved (fixed in 1:1.43.5+dfsg-1) sid: resolved

CVE-2025-67479 [NONE] CVE-2025-67479: mediawiki - Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This... Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1. Scope: local bookworm: resolved (fixed in 1:1.39.17-

CVE-2025-6591 [NONE] CVE-2025-6591: mediawiki - Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associate... Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7 1.43.2, 1.44.0. Scope: local bookworm: resolved (fixed in 1:1.39.13-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u4) forky: resolved (fixed in 1:1.43.3+dfsg

CVE-2025-67478 [NONE] CVE-2025-67478: mediawiki - Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associate... Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1. Scope: local bookworm: resolved (fixed in 1:1.39.17-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u6) forky: resolved (fixed in 1:1.43.6+dfsg-1) sid: resol

CVE-2025-61638 [NONE] CVE-2025-61638: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This vulnerability is associated with program files includes/parser/Sanitizer.Php, src/Core/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Parsoid: from * bef

CVE-2025-11261 [NONE] CVE-2025-11261: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js. This issue affects MediaWiki: from * before 1.39.15, 1.43.5, 1.44.2. Scope: local bookworm: resolved (fixed in 1:1.39

CVE-2025-61655 [NONE] CVE-2025-61655: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js, modules/ve-mw/ui/dialogs/ve.Ui.MWSaveDialog.Js. This issue affects Visual

CVE-2025-67480 [NONE] CVE-2025-67480: mediawiki - Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associate... Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1. Scope: local bookworm: resolved (fixed in 1:1.39.17-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u6) forky: resolved (fixed in 1:1.43.6+

CVE-2025-61640 [NONE] CVE-2025-61640: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Rcfilters/ui/RclToOrFromWidget.Js. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1. Scope: local bookworm: resolved (fixed in 1:1

CVE-2025-61635 [NONE] CVE-2025-61635: mediawiki - Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associa... Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit: *. Scope: local bookworm: resolved (fixed in 1:1.39.17-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u5) forky: resolved (fixed in 1:1.43.5+dfsg-1) sid: resolved (fixed in

CVE-2025-6594 [NONE] CVE-2025-6594: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandbox.Js. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0. Scope: local bookworm: resolved (fix

CVE-2025-6597 [NONE] CVE-2025-6597: mediawiki - Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associate... Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects MediaWiki: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0. Scope: local bookworm: resolved (fixed in 1:1.39.13-1~deb12u1) bullseye: resolved (fixed in 1:1.35.13-1+deb11u4) forky: resolved (fixed in 1:1.43.3+dfsg-1) sid

CVE-2025-61656 [NONE] CVE-2025-61656: mediawiki - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site ... Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from * before 1.39.14, 1.43.4, 1.44.1. Scope: local bookworm: resolved (fixed in 1:1.39.17-1~deb12u1) b