CVE-2025-53492 – Wikimedia Foundation Mediawiki – MintyDocs Extension Stored Cross-site Scripting (XSS)

July 2, 2025

CVE ID : CVE-2025-53492

Published : July 2, 2025, 3:15 p.m. | 4 hours, 27 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Wikimedia Foundation Mediawiki – MintyDocs Extension allows Stored XSS.This issue affects Mediawiki – MintyDocs Extension: 1.39.X, 1.42.X, from 1.43.X before 1.43.2.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53493 – Wikimedia Foundation Mediawiki – MintyDocs Extension Stored Cross-site Scripting (XSS)

Next Article CVE-2025-53110 – Filesystem Model Context Protocol Servers Directory Traversal Vulnerability

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

Your smart home device just got a performance and security boost for free

Ultrahuman brings advanced cycle and ovulation tracking to its smart ring

DistroWatch Weekly, Issue 1135

14 secret phone codes that unlock hidden features on your Android and iPhone

Air Quality Prediction System using Python ML

Air Quality Prediction System using Python ML

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

DistroWatch Weekly, Issue 1135

DistroWatch Weekly, Issue 1135

Ubuntu’s New “Dangerous” Daily Builds – What Are They?

gofmt – formats Go programs

CVE-2025-53492 – Wikimedia Foundation Mediawiki – MintyDocs Extension Stored Cross-site Scripting (XSS)

CVE-2025-9090 – Tenda Telnet Service Command Injection

CVE-2025-9091 – Tenda AC20 Hard-Coded Credentials Vulnerability

The AI Product Development Lifecycle: From Concept to Commercialization🚀

CVE-2025-3498 – Radiflow iSAP Smart Collector Unauthenticated Remote Command Execution and Configuration Modification

Samsung MagicINFO 9 Server Vulnerability Exploited in the Wild

CVE-2025-46441 – CTLTWP Section Widget Path Traversal Vulnerability

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Finally, I found an Android Auto adapter that’s highly functional, lag-free, and priced well

Critical Frauscher Flaws (CVE-2025-3626 CVSS 9.1, CVE-2025-3705 CVSS 6.8): OS Command Injection Threatens Railway Systems

Microsoft mystery folder fix might need a fix of its own

CVE-2025-53492 – Wikimedia Foundation Mediawiki – MintyDocs Extension Stored Cross-site Scripting (XSS)

Related Posts