{
  "threat_severity" : "Moderate",
  "public_date" : "2026-02-02T23:54:04Z",
  "bugzilla" : {
    "description" : "MediaWiki: MediaWiki: Cross-site Scripting via improper input neutralization",
    "id" : "2436128",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2436128"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.6",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-79",
  "details" : [ "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Action/mediawiki.Action.Edit.Preview.Js, resources/src/mediawiki.Page.Preview.Js.\nThis issue affects all MediaWiki versions before 1.39.14, 1.43.4, and 1.44.1.", "A flaw was found in MediaWiki. A remote attacker with high privileges could exploit an Improper Neutralization of Input During Web Page Generation (Cross-site Scripting or XSS) vulnerability. This flaw allows malicious scripts to be injected into web pages, which can lead to information disclosure or session hijacking." ],
  "statement" : "The vulnerability in MediaWiki allows stored Cross-site Scripting (XSS) through system messages. Exploitation requires high privileges, which limits the attack surface to trusted administrators or users with elevated permissions. Red Hat products that use MediaWiki are affected only where the highly privileged users able to edit system messages are not fully trusted.",
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-61637\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-61637\nhttps://phabricator.wikimedia.org/T394856" ],
  "name" : "CVE-2025-61637",
  "mitigation" : {
    "value" : "To mitigate this issue, restrict network access to the MediaWiki server to trusted networks only, using firewall rules to prevent unauthorized access to the web application. Additionally, grant the elevated MediaWiki privileges needed to edit system messages only to highly trusted personnel, since the vulnerability requires high privileges to inject a script.",
    "lang" : "en:us"
  },
  "csaw" : false
}