Security Advisory

CVE-2025-21612

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-06 15:47:27

Last updated 2025-08-26 19:48:04

Assigner GitHub_M

State PUBLISHED

Description

TabberNeue is a MediaWiki extension that allows the wiki to create tabs. Prior to 2.7.2, TabberTransclude.php doesnt escape the user-supplied page name when outputting, so an XSS payload as the page name can be used here. This vulnerability is fixed in 2.7.2.

← Browse all CVEs View on cve.org ↗