CVE-2025-53502
Description
Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X.
CWE
- CWE-20 — CWE-20 Improper Input Validation
Affected
- Wikimedia Foundation / Mediawiki - FeaturedFeeds Extension — v=1.39.x [affected]; v=1.42.x [affected]; v=1.43.x [affected]
CVSS
- (none)
References
- https://phabricator.wikimedia.org/T392279
- https://gerrit.wikimedia.org/r/c/mediawiki/extensions/FeaturedFeeds/+/1149742
Source
cvelistV5-main/cves/2025/53xxx/CVE-2025-53502.json