CVE-2025-32073

CVE-2025-32073: System message XSS in HTMLTags

Vendor The Wikimedia Foundation

Product Mediawiki - HTML Tags

Weakness CWE-20 · Input validation

Published April 11, 2025

Last update July 7, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Improper Input Validation vulnerability in The Wikimedia Foundation Mediawiki - HTML Tags allows Cross-Site Scripting (XSS).This issue affects Mediawiki - HTML Tags: from 1.39 through 1.43.

Key dates

02Disclosure timeline

April 11, 2025 CVE published

July 7, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-32073 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

04Related CVE

CVE-2018-0475 Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability CVE-2018-15369 Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability CVE-2024-3096 PHP function password_verify can erroneously return true when argument contains NUL CVE-2025-12842 Booking Plugin for WordPress Appointments – Time Slot <= 1.4.7 - Unauthenticated Arbitrary Email Sending CVE-2021-25414