Home

Description

The ApprovedRevs extension for MediaWiki is vulnerable to stored XSS in multiple locations where system messages are inserted into raw HTML without proper escaping. Attackers can exploit this by injecting JavaScript payloads via the uselang=x-xss language override, which causes crafted message keys to be rendered unescaped. This issue affects Mediawiki - ApprovedRevs extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

PUBLISHED Reserved 2025-06-30 | Published 2025-07-07 | Updated 2025-07-07 | Assigner wikimedia-foundation

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Product status

Default status
unaffected

1.39.x (semver) before 1.39.13
affected

1.42.x (semver) before 1.42.7
affected

1.43.x (semver) before 1.43.2
affected

References

phabricator.wikimedia.org/T394383

gerrit.wikimedia.org/...085111e7898da485a5e2ae287fee4e6d167b

cve.org (CVE-2025-53487)

nvd.nist.gov (CVE-2025-53487)

Download JSON