CVE-2025-6595

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.

Published Feb 3, 2026

https://github.com/advisories/GHSA-3hx4-75gf-pcm8

CVSS ScoreMedium

6.9

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-6595

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from * before 1.39.13, 1.42.7, 1.43.2, 1.44.0.

Published Feb 3, 2026

https://github.com/advisories/GHSA-3hx4-75gf-pcm8

CVSS ScoreMedium

6.9


composer	mediawiki/core	1.20.3
composer	mediawiki/core	1.20.4
composer	mediawiki/core	1.20.5
composer	mediawiki/core	1.20.6
composer	mediawiki/core	1.20.7
composer	mediawiki/core	1.20.8
composer	mediawiki/core	1.21.0
composer	mediawiki/core	1.21.10
composer	mediawiki/core	1.21.11
composer	mediawiki/core	1.21.1
composer	mediawiki/core	1.21.2
composer	mediawiki/core	1.21.3
composer	mediawiki/core	1.21.4
composer	mediawiki/core	1.21.5
composer	mediawiki/core	1.21.6
composer	mediawiki/core	1.21.7
composer	mediawiki/core	1.21.8
composer	mediawiki/core	1.21.9
composer	mediawiki/core	1.22.0rc0
composer	mediawiki/core	1.24.0-rc.0
composer	mediawiki/core	1.24.0-rc.1
composer	mediawiki/core	1.24.0-rc.2
composer	mediawiki/core	1.24.0-rc.3
composer	mediawiki/core	1.24.0
composer	mediawiki/core	1.24.1
composer	mediawiki/core	1.24.2
composer	mediawiki/core	1.24.3
composer	mediawiki/core	1.24.4
composer	mediawiki/core	1.24.5
composer	mediawiki/core	1.24.6
composer	mediawiki/core	1.25.0-rc.0
composer	mediawiki/core	1.25.0
composer	mediawiki/core	1.25.1
composer	mediawiki/core	1.25.2
composer	mediawiki/core	1.25.3
composer	mediawiki/core	1.25.4
composer	mediawiki/core	1.25.5
composer	mediawiki/core	1.25.6
composer	mediawiki/core	1.26.0
composer	mediawiki/core	1.26.1
composer	mediawiki/core	1.26.2
composer	mediawiki/core	1.26.3
composer	mediawiki/core	1.26.4
composer	mediawiki/core	1.27.0-rc.0
composer	mediawiki/core	1.27.0-rc.1
composer	mediawiki/core	1.27.0
composer	mediawiki/core	1.27.1
composer	mediawiki/core	1.27.2
composer	mediawiki/core	1.27.3
composer	mediawiki/core	1.27.4

Ecosystem	Package	Version


composer	mediawiki/core	1.20.3
composer	mediawiki/core	1.20.4
composer	mediawiki/core	1.20.5
composer	mediawiki/core	1.20.6
composer	mediawiki/core	1.20.7
composer	mediawiki/core	1.20.8
composer	mediawiki/core	1.21.0
composer	mediawiki/core	1.21.10
composer	mediawiki/core	1.21.11
composer	mediawiki/core	1.21.1
composer	mediawiki/core	1.21.2
composer	mediawiki/core	1.21.3
composer	mediawiki/core	1.21.4
composer	mediawiki/core	1.21.5
composer	mediawiki/core	1.21.6
composer	mediawiki/core	1.21.7
composer	mediawiki/core	1.21.8
composer	mediawiki/core	1.21.9
composer	mediawiki/core	1.22.0rc0
composer	mediawiki/core	1.24.0-rc.0
composer	mediawiki/core	1.24.0-rc.1
composer	mediawiki/core	1.24.0-rc.2
composer	mediawiki/core	1.24.0-rc.3
composer	mediawiki/core	1.24.0
composer	mediawiki/core	1.24.1
composer	mediawiki/core	1.24.2
composer	mediawiki/core	1.24.3
composer	mediawiki/core	1.24.4
composer	mediawiki/core	1.24.5
composer	mediawiki/core	1.24.6
composer	mediawiki/core	1.25.0-rc.0
composer	mediawiki/core	1.25.0
composer	mediawiki/core	1.25.1
composer	mediawiki/core	1.25.2
composer	mediawiki/core	1.25.3
composer	mediawiki/core	1.25.4
composer	mediawiki/core	1.25.5
composer	mediawiki/core	1.25.6
composer	mediawiki/core	1.26.0
composer	mediawiki/core	1.26.1
composer	mediawiki/core	1.26.2
composer	mediawiki/core	1.26.3
composer	mediawiki/core	1.26.4
composer	mediawiki/core	1.27.0-rc.0
composer	mediawiki/core	1.27.0-rc.1
composer	mediawiki/core	1.27.0
composer	mediawiki/core	1.27.1
composer	mediawiki/core	1.27.2
composer	mediawiki/core	1.27.3
composer	mediawiki/core	1.27.4

Find vulnerabilities. Fix fast with AI.

CVE-2025-6595

CVE-2025-6595