Medium severity6.1NVD Advisory· Published Feb 3, 2026· Updated Apr 9, 2026
CVE-2025-67477
CVE-2025-67477
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js.
This issue affects MediaWiki: from * before 1.44.3, 1.45.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <1.44.3, >=1.45.0 <1.45.1
Patches
Vulnerability mechanics
References
1- phabricator.wikimedia.org/T406639nvdPermissions Required
News mentions
0No linked articles in our index yet.