Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

campaignevents

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2026-0817
Assigner-The Wikimedia Foundation
ShareView Details
Assigner-The Wikimedia Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 11.02%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 15:50
Updated-10 Feb, 2026 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CampaignEvents API missing authorization exposes meeting and chat URLs

Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39.

Action-Not Available
Vendor-Wikimedia Foundation
Product-campaigneventsMediaWiki - CampaignEvents extension
CWE ID-CWE-862
Missing Authorization
CVE-2025-53490
Assigner-The Wikimedia Foundation
ShareView Details
Assigner-The Wikimedia Foundation
CVSS Score-5.6||MEDIUM
EPSS-0.06% / 19.71%
||
7 Day CHG-0.00%
Published-03 Jul, 2025 | 16:04
Updated-01 Oct, 2025 | 13:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple XSS in CampaignEvents

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - CampaignEvents Extension allows Cross-Site Scripting (XSS).This issue affects Mediawiki - CampaignEvents Extension: from 1.43.X before 1.43.2.

Action-Not Available
Vendor-jlyWikimedia Foundation
Product-campaigneventsmediawikiMediawiki - CampaignEvents Extension
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')