Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting (XSS).
This issue affects Mediawiki - Charts Extension: from * before 1.43.9,1.44.6,1.45.4.
Metrics
Affected Vendors & Products
References
History
Wed, 01 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Charts Extension: from * before 1.43.9,1.44.6,1.45.4. | |
| Title | Stored XSS in Wikimedia Chart pie tooltip via Data:*.tab field title | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: wikimedia-foundation
Published:
Updated: 2026-07-01T19:24:16.824Z
Reserved: 2026-07-01T18:31:17.357Z
Link: CVE-2026-14358
Updated: 2026-07-01T19:24:09.355Z
No data.
No data.
OpenCVE Enrichment
No data.