XSS Vulnerability in Wikimedia Foundation's Mediawiki - Charts Extension
CVE-2026-14358
6.9MEDIUM
What is CVE-2026-14358?
The Mediawiki - Charts Extension from Wikimedia Foundation is susceptible to a cross-site scripting (XSS) vulnerability due to improper neutralization of input during web page generation. This flaw allows attackers to execute malicious scripts in the context of users' browsers, potentially compromising user data and session integrity. Affected versions include those prior to 1.43.9, and 1.44.6, and 1.45.4, making it imperative for users to update to the latest versions to mitigate this risk.
Affected Version(s)
Mediawiki - Charts Extension * < 1.43.9,1.44.6,1.45.4
