CVE-2025-53482 – Wikimedia Foundation Mediawiki – IPInfo Extension Cross-Site Scripting (XSS) Vulnerability

July 4, 2025

CVE ID : CVE-2025-53482

Published : July 4, 2025, 4:15 p.m. | 2 hours, 57 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Wikimedia Foundation Mediawiki – IPInfo Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki – IPInfo Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53483 – Mediawiki SecurePoll CSRF

Next Article CVE-2025-53481 – WikiMedia Mediawiki IPInfo Extension Uncontrolled Resource Consumption DoS

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

Just days after joining Game Pass, the Xbox PC edition of Call of Duty: WW2 is taken offline for “an issue”

Xbox layoffs and game cuts wreak havoc on talented developers and the company’s future portfolio — Weekend discussion 💬

Flaget – new small 5kB CLI argument parser

Flaget – new small 5kB CLI argument parser

The dog days of JavaScript summer

Databricks Lakebase – Database Branching in Action

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

EmptyEpsilon – spaceship bridge simulator game

CVE-2025-53482 – Wikimedia Foundation Mediawiki – IPInfo Extension Cross-Site Scripting (XSS) Vulnerability

CVE-2025-1317 – Apache HTTP Server Remote Code Execution Vulnerability

CVE-2025-1318 – CVE-2022-1234: Cisco WebEx Meeting Center Unvalidated Redirect

CVE-2025-4303 – PHPGurukul Human Metapneumovirus Testing Management System SQL Injection Vulnerability

Linkwarden – self-hosted collaborative book manager

CVE-2025-35006 – Microhard BulletLTE-NA2 and IPn4Gii-NA2 Command Injection Vulnerability

I thought my favorite browser blocked trackers but this free privacy tool proved me wrong

CVE-2025-48921 – Drupal Open Social CSRF Vulnerability

CVE-2025-49439 – Mariusz88AtelierWeb Atelier Create CV CSRF Vulnerability

CVE-2025-43555 – Animate Integer Underflow Allows Arbitrary Code Execution

CVE-2024-13914 – “WordPress File Manager Advanced Shortcode Local File Inclusion Vulnerability”

CVE-2025-53482 – Wikimedia Foundation Mediawiki – IPInfo Extension Cross-Site Scripting (XSS) Vulnerability

Related Posts