VYPR
Medium severity6.1NVD Advisory· Published Feb 3, 2026· Updated Apr 9, 2026

CVE-2025-67477

CVE-2025-67477

Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js.

This issue affects MediaWiki: from * before 1.44.3, 1.45.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*range: >=1.44.0,<1.44.3
    • cpe:2.3:a:mediawiki:mediawiki:1.45.0:*:*:*:*:*:*:*
  • Range: <1.44.3, >=1.45.0 <1.45.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.