Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3348 articles · 170065 vulns · 37/41 feeds (7d)
← Back to list
EST
PRE-CVE
mediawiki · mediawiki and extensions

Multiple Vulnerabilities in MediaWiki and Extensions Allow XSS, Authentication Bypass, and SQL Injection

72% confidence

Description

Multiple vulnerabilities in MediaWiki and its extensions allow an attacker to perform cross-site scripting (XSS) attacks, redirect users to malicious websites, bypass authentication, and conduct SQL injection attacks.

Affected Products

VendorProductVersions
mediawikimediawiki and extensions—

Related News (1 articles)

Tier B
BSI Advisories2h ago
[NEU] [hoch] MediaWiki und Extensions: Mehrere Schwachstellen
→ No new info (linked only)
CISA KEV❌ No
Actively exploited❌ No
CWECWE-79, CWE-287, CWE-89
PublishedJul 2, 2026
Last enriched2h ago
Tags
cross-site scriptingauthentication bypasssql injectionweb application
Trending Score27
Source articles1
Independent1
Info Completeness6/14
Missing: cve_id, versions, cvss, epss, kev, exploit, patch, iocs

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Pin to Dashboard

Verification

State: reported
Confidence: 72%

Vulnerability Timeline

CVE Published
Jul 2, 2026
Discovered by ZDM
Jul 2, 2026