wid-sec-w-2026-2170
·
Published 2026-07-01
·
View on BSI CERT-Bund ↗
MediaWiki and Extensions: Multiple Vulnerabilities
CVSS N/A
NONE
Risk Summary
Ein Angreifer kann mehrere Schwachstellen in MediaWiki ausnutzen, um Cross-Site-Scripting-Angriffe durchzuführen, Benutzer auf bösartige Websites umzuleiten, die Authentifizierung zu umgehen oder SQL-Injection-Angriffe durchzuführen.
Affected Vendors
Open Source
Affected Products (26)
Open Source
·
MediaWiki
<1.46.0
Open Source
·
MediaWiki
1.46.0
Open Source
·
MediaWiki
UrlShortener Extension <1.43.9
Open Source
·
MediaWiki
UrlShortener Extension 1.43.9
Open Source
·
MediaWiki
UrlShortener Extension <1.44.6
Open Source
·
MediaWiki
UrlShortener Extension 1.44.6
Open Source
·
MediaWiki
UrlShortener Extension <1.45.4
Open Source
·
MediaWiki
UrlShortener Extension 1.45.4
Open Source
·
MediaWiki
Cargo Extension <1.43.9
Open Source
·
MediaWiki
Cargo Extension 1.43.9
Open Source
·
MediaWiki
Cargo Extension <1.44.6
Open Source
·
MediaWiki
Cargo Extension 1.44.6
Open Source
·
MediaWiki
Cargo Extension <1.45.4
Open Source
·
MediaWiki
Cargo Extension 1.45.4
Open Source
·
MediaWiki
WikiLambda Extension <1.43.9
Open Source
·
MediaWiki
WikiLambda Extension 1.43.9
Open Source
·
MediaWiki
WikiLambda Extension <1.44.6
Open Source
·
MediaWiki
WikiLambda Extension 1.44.6
Open Source
·
MediaWiki
WikiLambda Extension <1.45.4
Open Source
·
MediaWiki
WikiLambda Extension 1.45.4
Open Source
·
MediaWiki
Charts Extension <1.43.9
Open Source
·
MediaWiki
Charts Extension 1.43.9
Open Source
·
MediaWiki
Charts Extension <1.44.6
Open Source
·
MediaWiki
Charts Extension 1.44.6
Open Source
·
MediaWiki
Charts Extension <1.45.4
Open Source
·
MediaWiki
Charts Extension 1.45.4
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more