Cross-Site Scripting Vulnerability in Wikimedia Foundation CheckUser
CVE-2026-58034
NONE
What is CVE-2026-58034?
A Cross-Site Scripting (XSS) vulnerability has been identified in the CheckUser tool by the Wikimedia Foundation. This flaw arises due to improper neutralization of user input during the web page generation process. Specifically, it affects versions of CheckUser from 1.46.0-rc.0 up to, but not including, 1.46.0, with potential implications for user data security and integrity. Attackers could exploit this vulnerability to inject malicious scripts, which might compromise the security environment of the application.
Affected Version(s)
CheckUser 1.46.0-rc.0 < 1.46.0
