mediawiki cargo CVE Vulnerabilities (7)

CVEs: 7 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting mediawiki cargo (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 17 of 7 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-39841 Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 6.3 0.16% 2026-04-07 2026-06-17
CVE-2026-39840 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki - Cargo Extension: before 3.8.7. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 5.1 0.16% 2026-04-07 2026-06-17
CVE-2026-39839 Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 6.3 0.18% 2026-04-07 2026-06-17
CVE-2026-39837 Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in WikiWorks Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: before 3.8.7. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 6.3 0.19% 2026-04-07 2026-06-17
CVE-2024-47849 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 8.8 0.51% 2024-10-04 2026-06-17
CVE-2024-47847 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 6.9 0.38% 2024-10-04 2026-06-17
CVE-2024-47846 Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1. c4f26cc8-17ff-4c99-b5e2-38fc1793eacc 6.9 0.26% 2024-10-04 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence