CVE-2026-39839 | Wikimedia Cargo Extension up to 3.8.6 on Mediawiki cross site scripting

Inserito da Angelo Barbosa | Apr 7, 2026 | CVE

A vulnerability described as problematic has been identified in Wikimedia Cargo Extension up to 3.8.6 on Mediawiki. This affects an unknown part. The manipulation results in basic cross site scripting.

This vulnerability is reported as CVE-2026-39839. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-39839 | Wikimedia Cargo Extension up to 3.8.6 on Mediawiki cross site scripting

Post correlati

CVE-2024-49761 | rexml Gem up to 3.3.8 on Ruby redos

CVE-2024-6532 | Sheet to Table Live Sync for Google Sheet Plugin up to 1.0.1 on WordPress Shortcode STWT_Sheet_Table cross site scripting

CVE-2023-45213 | Westermo Lynx 206-F2G 4.24 unknown vulnerability (icsa-24-023-04)

CVE-2024-33686 | Extend Themes Pathway Plugin on WordPress authorization