Medium severityNVD Advisory· Published Apr 7, 2026· Updated Apr 8, 2026
CVE-2026-39838
CVE-2026-39838
Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Wikimedia Foundation MediaWiki - ProofreadPage Extension allows XSS Targeting Non-Script Elements. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1.45.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=1.43, <=1.43, >=1.44, >=1.45
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.