CVE-2025-32067
CVE-2025-32067
5.4
MediumPublished:
Last updated:
Source:c4f26cc8-17ff-4c99-b5e2-38fc1793eacc
Deferred
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- Low
- User Interaction
- Required
- Scope
- Changed
- Confidentiality
- Low
- Integrity
- Low
- Availability
- None
Description
Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Growth Experiments Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Growth Experiments Extension: from 1.39 through 1.43.
References
c4f26cc8-17ff-4c99-b5e2-38fc1793eacc
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/GrowthExperiments/+/1122163c4f26cc8-17ff-4c99-b5e2-38fc1793eacc
https://phabricator.wikimedia.org/T386963