CVE-2025-53489 – Wikimedia Foundation Mediawiki GoogleDocs4MW Extension Cross-Site Scripting (XSS)

July 3, 2025

CVE ID : CVE-2025-53489

Published : July 3, 2025, 5:15 p.m. | 2 hours, 3 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Wikimedia Foundation Mediawiki – GoogleDocs4MW Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki – GoogleDocs4MW Extension: from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

Severity: 5.6 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53500 – Wikimedia Foundation Mediawiki MassEditRegex Stored XSS

Next Article CVE-2025-48939 – Tarteaucitron.js Script Element Property Clobbering Vulnerability

The Psychology Of Color In UX Design And Digital Products

This week in AI dev tools: Claude Sonnet 4’s larger context window, ChatGPT updates, and more (August 15, 2025)

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

Your smart home device just got a performance and security boost for free

Ultrahuman brings advanced cycle and ovulation tracking to its smart ring

DistroWatch Weekly, Issue 1135

14 secret phone codes that unlock hidden features on your Android and iPhone

Air Quality Prediction System using Python ML

Air Quality Prediction System using Python ML

AI’s Hidden Thirst: The Water Behind Tech

Minesweeper game in 100 lines of pure JavaScript – easy tutorial

DistroWatch Weekly, Issue 1135

DistroWatch Weekly, Issue 1135

Ubuntu’s New “Dangerous” Daily Builds – What Are They?

gofmt – formats Go programs

CVE-2025-53489 – Wikimedia Foundation Mediawiki GoogleDocs4MW Extension Cross-Site Scripting (XSS)

CVE-2025-9090 – Tenda Telnet Service Command Injection

CVE-2025-9091 – Tenda AC20 Hard-Coded Credentials Vulnerability

Seagate’s 4TB Xbox Series X|S Expansion Card is $70 off — but only until June 22

CVE-2025-53687 – Apache HTTP Server Unvalidated User Input

CVE-2025-34025 – Versa Concerto Privilege Escalation and Container Escape Vulnerability

CVE-2025-5907 – TOTOLINK EX1200T HTTP POST Request Handler Buffer Overflow Vulnerability

CVE-2025-6559 – Sapido Wireless Router OS Command Injection Vulnerability

Distribution Release: RefreshOS 2.5

CVE-2025-47646 – Gilblas Ngunte Possi PSW Front-end Login & Registration Weak Password Recovery Mechanism

Build a Gemini-Powered DataFrame Agent for Natural Language Data Analysis with Pandas and LangChain

CVE-2025-53489 – Wikimedia Foundation Mediawiki GoogleDocs4MW Extension Cross-Site Scripting (XSS)

Related Posts