CVE-2026-58519
Severity CVSS v4.0:
MEDIUM
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
01/07/2026
Last modified:
01/07/2026
Description
Improper neutralization of input during web page generation (&#39;cross-site scripting&#39;) vulnerability in The Wikimedia Foundation Mediawiki - Cargo Extension allows Stored XSS.<br />
<br />
This issue affects Mediawiki - Cargo Extension: from * before 3.9.1.
Impact
Base Score 4.0
6.90
Severity 4.0
MEDIUM



