Medium severityNVD Advisory· Published Apr 7, 2026· Updated Apr 8, 2026
CVE-2026-39935
CVE-2026-39935
Description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS). This issue was remediated only on the master branch.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.