This issue affects Mediawiki - Charts Extension: from * before 1.43.9,1.44.6,1.45.4.
No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 01 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Charts Extension: from * before 1.43.9,1.44.6,1.45.4. | |
| Title | Stored XSS in Wikimedia Chart pie tooltip via Data:*.tab field title | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: wikimedia-foundation
Published:
Updated: 2026-07-01T19:24:16.824Z
Reserved: 2026-07-01T18:31:17.357Z
Link: CVE-2026-14358
Updated: 2026-07-01T19:24:09.355Z
No data.
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')