Vulnerabilities

CVE-2026-39840

by Fred · 07/04/2026

Improper neutralization of input during web page generation (‘cross-site scripting’) vulnerability in Wikimedia Foundation Mediawiki – Cargo Extension allows XSS Targeting Non-Script Elements.This issue affects Mediawiki – Cargo Extension: before 3.8.7.

More information : https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Cargo/+/1237966

Similar

Tags: Cybersecurity Alert