CVE-2025-67483 Security Details

CVE ID

CVE-2025-67483

CWE

CWE-79

CVE Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Page.Preview.Js. This issue affects MediaWiki: from * before 1.43.6, 1.44.3, 1.45.1.

Published

Feb 4, 2026

CVSS Score & Severity

6.1Medium

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.021%

Malware

malware

KEV Status

Not in KEV Catalog: No known exploits

Affected Ecosystems

affected

Source

National Vulnerability Database

References

https://security-tracker.debian.org/tracker/CVE-2025-67483THIRD_PARTY