VYPR

Mediawiki Extensions Globalblocking

by Wikimedia Foundation

Source repositories

CVEs (2)

  • CVE-2025-62656MedOct 20, 2025
    risk 0.38cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki GlobalBlocking extension allows Stored XSS.This issue affects MediaWiki GlobalBlocking extension: 1.43, 1.44.

  • CVE-2025-23073LowJan 14, 2025
    risk 0.23cvss 3.5epss 0.00

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Mediawiki - GlobalBlocking Extension allows Retrieve Embedded Sensitive Data. This issue briefly impacted the master branch of MediaWiki’s GlobalBlocking Extension.