{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7362", "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "state": "PUBLISHED", "assignerShortName": "wikimedia-foundation", "dateReserved": "2025-07-08T17:18:05.309Z", "datePublished": "2025-07-08T17:22:35.364Z", "dateUpdated": "2025-07-10T13:19:38.972Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Mediawiki - MsUpload extension", "vendor": "Wikimedia Foundation", "versions": [{"lessThan": "1.39.13", "status": "affected", "version": "1.39.x", "versionType": "semver"}, {"lessThan": "1.42.7", "status": "affected", "version": "1.42.x", "versionType": "semver"}, {"lessThan": "1.43.2", "status": "affected", "version": "1.43.x", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.</p>\n\n\n<p>This issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.</p>"}], "value": "The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.\n\n\n\n\nThis issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "shortName": "wikimedia-foundation", "dateUpdated": "2025-07-08T17:22:35.364Z"}, "references": [{"url": "https://phabricator.wikimedia.org/T394864"}, {"url": "https://gerrit.wikimedia.org/r/q/Icf4c0a5a936926ea887ca2e48c3a7bd297201d9f"}], "source": {"discovery": "UNKNOWN"}, "title": "MsUpload: Stored Cross-Site Scripting (XSS) via unsanitized msu-continue system message", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://phabricator.wikimedia.org/T394864", "tags": ["exploit"]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-07-10T13:19:17.654293Z", "id": "CVE-2025-7362", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-10T13:19:38.972Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-7362", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-10T13:19:17.654293Z"}}}], "references": [{"url": "https://phabricator.wikimedia.org/T394864", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-10T13:19:35.707Z"}}], "cna": {"title": "MsUpload: Stored Cross-Site Scripting (XSS) via unsanitized msu-continue system message", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "affected": [{"vendor": "Wikimedia Foundation", "product": "Mediawiki - MsUpload extension", "versions": [{"status": "affected", "version": "1.39.x", "lessThan": "1.39.13", "versionType": "semver"}, {"status": "affected", "version": "1.42.x", "lessThan": "1.42.7", "versionType": "semver"}, {"status": "affected", "version": "1.43.x", "lessThan": "1.43.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://phabricator.wikimedia.org/T394864"}, {"url": "https://gerrit.wikimedia.org/r/q/Icf4c0a5a936926ea887ca2e48c3a7bd297201d9f"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.\n\n\n\n\nThis issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.", "supportingMedia": [{"type": "text/html", "value": "<p>The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.</p>\n\n\n<p>This issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "shortName": "wikimedia-foundation", "dateUpdated": "2025-07-08T17:22:35.364Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7362", "state": "PUBLISHED", "dateUpdated": "2025-07-10T13:19:38.972Z", "dateReserved": "2025-07-08T17:18:05.309Z", "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "datePublished": "2025-07-08T17:22:35.364Z", "assignerShortName": "wikimedia-foundation"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The MsUpload extension for MediaWiki is vulnerable to stored XSS via the msu-continue system message, which is inserted into the DOM without proper sanitization. The vulnerability occurs in the file upload UI when the same filename is uploaded twice.\n\n\n\n\nThis issue affects Mediawiki - MsUpload extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2."}, {"lang": "es", "value": "La extensi\u00f3n MsUpload para MediaWiki es vulnerable a XSS almacenado mediante el mensaje de sistema msu-continue, que se inserta en el DOM sin la debida limpieza. La vulnerabilidad se produce en la interfaz de carga de archivos cuando se carga el mismo nombre de archivo dos veces. Este problema afecta a Mediawiki - extensi\u00f3n MsUpload: desde la versi\u00f3n 1.39.X hasta la 1.39.13, desde la versi\u00f3n 1.42.X hasta la 1.42.7, desde la versi\u00f3n 1.43.X hasta la 1.43.2."}], "id": "CVE-2025-7362", "lastModified": "2025-07-10T14:15:26.927", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-07-08T18:15:46.797", "references": [{"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "url": "https://gerrit.wikimedia.org/r/q/Icf4c0a5a936926ea887ca2e48c3a7bd297201d9f"}, {"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "url": "https://phabricator.wikimedia.org/T394864"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://phabricator.wikimedia.org/T394864"}], "sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "type": "Secondary"}]}

{}

{"created": "2025-07-13T22:31:26.015608+00:00", "updated": "2025-07-13T22:31:26.015661+00:00", "vendors": ["mediawiki", "mediawiki$PRODUCT$mediawiki"]}