CVE-2025-32077

Summary

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - Extension:SimpleCalendar allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Extension:SimpleCalendar: from 1.39 through 1.43.

Affected Software

VendorProductVersion RangeStatus
The Wikimedia FoundationMediawiki - Extension:SimpleCalendar1.39 <= 1.43affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References