Security Advisory

CVE-2026-22711

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-07 18:39:37

Last updated 2026-04-08 22:02:16

Assigner wikimedia-foundation

State PUBLISHED

Description

Improper neutralization of alternate XSS syntax vulnerability in The Wikimedia Foundation Mediawiki - Wikilove Extension allows Cross-Site Scripting (XSS).The issue has been remediated on the `master` branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.

← Browse all CVEs View on cve.org ↗