Cross-Site Scripting Vulnerability in Wikimedia Foundation's Mediawiki - IPInfo Extension

CVE-2025-53482

What is CVE-2025-53482?

A Cross-Site Scripting (XSS) vulnerability has been identified in the IPInfo Extension of the Mediawiki software, developed by the Wikimedia Foundation. This flaw arises from improper handling of input during web page generation, which could allow attackers to inject malicious scripts. The affected versions include Mediawiki - IPInfo Extension from 1.39.X prior to 1.39.13, 1.42.X prior to 1.42.7, and 1.43.X prior to 1.43.2. A successful exploit may enable an attacker to execute arbitrary JavaScript in the context of a user's session, leading to potential data theft or session hijacking.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References