All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-14358
MEDIUMpublished 2026-07-01 19:16 UTC · 3 days ago · modified 2026-07-02 15:14 UTC
6.9
CVSS / 10
// description
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Charts Extension: from * before 1.43.9,1.44.6,1.45.4.
// weaknesses (CWE)
- CWE-79