CVE-2025-53502

Summary

Improper Input Validation vulnerability in Wikimedia Foundation Mediawiki - FeaturedFeeds Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - FeaturedFeeds Extension: 1.39.X, 1.42.X, 1.43.X.

Affected Software

VendorProductVersion RangeStatus
Wikimedia FoundationMediawiki - FeaturedFeeds Extension1.39.xaffected
Wikimedia FoundationMediawiki - FeaturedFeeds Extension1.42.xaffected
Wikimedia FoundationMediawiki - FeaturedFeeds Extension1.43.xaffected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References