CVE-2025-62671

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: master.

Published Oct 21, 2025

https://github.com/advisories/GHSA-gr6v-3pmp-996p https://osv-vulnerabilities.storage.googleapis.com/Packagist/GHSA-gr6v-3pmp-996p.json

CVSS ScoreMedium

6.9

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-62671

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.This issue affects Mediawiki - Cargo Extension: master.

Published Oct 21, 2025

https://github.com/advisories/GHSA-gr6v-3pmp-996p https://osv-vulnerabilities.storage.googleapis.com/Packagist/GHSA-gr6v-3pmp-996p.json

CVSS ScoreMedium

6.9


composer	mediawiki/cargo	0.10
composer	mediawiki/cargo	0.11
composer	mediawiki/cargo	1.0.1
composer	mediawiki/cargo	1.0
composer	mediawiki/cargo	1.1.1
composer	mediawiki/cargo	1.2
composer	mediawiki/cargo	1.3.1
composer	mediawiki/cargo	1.3
composer	mediawiki/cargo	1.4
composer	mediawiki/cargo	1.5
composer	mediawiki/cargo	1.6
composer	mediawiki/cargo	1.7
composer	mediawiki/cargo	2.0.1
composer	mediawiki/cargo	2.0
composer	mediawiki/cargo	2.1.1
composer	mediawiki/cargo	2.1.2
composer	mediawiki/cargo	2.1
composer	mediawiki/cargo	2.2
composer	mediawiki/cargo	2.3.1
composer	mediawiki/cargo	2.3
composer	mediawiki/cargo	2.4
composer	mediawiki/cargo	2.5
composer	mediawiki/cargo	2.6
composer	mediawiki/cargo	2.7.1
composer	mediawiki/cargo	2.7
composer	mediawiki/cargo	2.8
composer	mediawiki/cargo	3.0
composer	mediawiki/cargo	3.1
composer	mediawiki/cargo	3.2
composer	mediawiki/cargo	3.3.1
composer	mediawiki/cargo	3.3
composer	mediawiki/cargo	3.4.1
composer	mediawiki/cargo	3.4.2
composer	mediawiki/cargo	3.4.3
composer	mediawiki/cargo	3.4.4
composer	mediawiki/cargo	3.4
composer	mediawiki/cargo	3.5.1
composer	mediawiki/cargo	3.5
composer	mediawiki/cargo	3.6.1
composer	mediawiki/cargo	3.6
composer	mediawiki/cargo	3.7.1
composer	mediawiki/cargo	3.7
composer	mediawiki/cargo	3.8.1
composer	mediawiki/cargo	3.8.2
composer	mediawiki/cargo	3.8

Ecosystem	Package	Version


composer	mediawiki/cargo	0.10
composer	mediawiki/cargo	0.11
composer	mediawiki/cargo	1.0.1
composer	mediawiki/cargo	1.0
composer	mediawiki/cargo	1.1.1
composer	mediawiki/cargo	1.2
composer	mediawiki/cargo	1.3.1
composer	mediawiki/cargo	1.3
composer	mediawiki/cargo	1.4
composer	mediawiki/cargo	1.5
composer	mediawiki/cargo	1.6
composer	mediawiki/cargo	1.7
composer	mediawiki/cargo	2.0.1
composer	mediawiki/cargo	2.0
composer	mediawiki/cargo	2.1.1
composer	mediawiki/cargo	2.1.2
composer	mediawiki/cargo	2.1
composer	mediawiki/cargo	2.2
composer	mediawiki/cargo	2.3.1
composer	mediawiki/cargo	2.3
composer	mediawiki/cargo	2.4
composer	mediawiki/cargo	2.5
composer	mediawiki/cargo	2.6
composer	mediawiki/cargo	2.7.1
composer	mediawiki/cargo	2.7
composer	mediawiki/cargo	2.8
composer	mediawiki/cargo	3.0
composer	mediawiki/cargo	3.1
composer	mediawiki/cargo	3.2
composer	mediawiki/cargo	3.3.1
composer	mediawiki/cargo	3.3
composer	mediawiki/cargo	3.4.1
composer	mediawiki/cargo	3.4.2
composer	mediawiki/cargo	3.4.3
composer	mediawiki/cargo	3.4.4
composer	mediawiki/cargo	3.4
composer	mediawiki/cargo	3.5.1
composer	mediawiki/cargo	3.5
composer	mediawiki/cargo	3.6.1
composer	mediawiki/cargo	3.6
composer	mediawiki/cargo	3.7.1
composer	mediawiki/cargo	3.7
composer	mediawiki/cargo	3.8.1
composer	mediawiki/cargo	3.8.2
composer	mediawiki/cargo	3.8

Find vulnerabilities. Fix fast with AI.

CVE-2025-62671

CVE-2025-62671