216.73.217.64

CVE-2026-22712

· Published 09/01/2026 00:15 · Modified 09/01/2026 20:15

Labels: CVE-2026-22712 2026-01-09CVE-2026-22712CWE-116c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Essential information

Published
09/01/2026 00:15
Modified
09/01/2026 20:15
Author
Creator
CVSS
2.3 LOW (v3) 2.3 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
c4f26cc8-17ff-4c99-b5e2-38fc1793eacc
NVD
View on NVD

Affected products (CPE)

ProductCPE
mediawiki / approved revs cpe:2.3:a:mediawiki:approved_revs:1.39:*:*:*:*:*:*:*
mediawiki / approved revs cpe:2.3:a:mediawiki:approved_revs:1.43:*:*:*:*:*:*:*
mediawiki / approved revs cpe:2.3:a:mediawiki:approved_revs:1.44:*:*:*:*:*:*:*
mediawiki / approved revs cpe:2.3:a:mediawiki:approved_revs:1.45:*:*:*:*:*:*:*

References