PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-58032 Wikimedia Foundation CVE debrief

CVE-2026-58032 is an Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. The issue affects MediaWiki versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. This vulnerability can be exploited by attackers with permission to edit pages, potentially leading to cross-site scripting (XSS) attacks. Users of MediaWiki, especially those with versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9, should be aware of this vulnerability and take necessary actions to protect their installations.

Vendor
Wikimedia Foundation
Product
MediaWiki
CVSS
MEDIUM 5.3
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-01
Original CVE updated
2026-07-09
Advisory published
2026-07-01
Advisory updated
2026-07-09

Who should care

Users of MediaWiki, especially those with versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9, should be aware of this vulnerability and take necessary actions to protect their installations. This includes administrators, developers, and security teams responsible for maintaining MediaWiki installations.

Technical summary

The vulnerability is caused by improper neutralization of input during web page generation, which can lead to cross-site scripting (XSS) attacks. The issue is associated with program files resources/src/mediawiki.Api/index.Js. The CVSS score for this vulnerability is 5.3, and the severity is MEDIUM. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9. Users with permission to edit pages can exploit this vulnerability. To protect against this issue, users should update MediaWiki to a secure version and review custom or third-party extensions for compatibility. Additionally, monitoring for suspicious activity and reviewing official advisories are recommended.

Defensive priority

Medium priority should be given to updating MediaWiki to a secure version, as the vulnerability can be exploited by attackers with permission to edit pages.

Recommended defensive actions

  • Update MediaWiki to version 1.46.0 or later, 1.45.4 or later, 1.44.6 or later, or 1.43.9 or later.
  • Review and update any custom or third-party extensions to ensure they are compatible with the updated MediaWiki version.
  • Monitor MediaWiki installations for any suspicious activity.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
  • Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
  • Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.

Evidence notes

The CVE record was published on 2026-07-01T16:16:50.520Z and was last modified on 2026-07-09T19:42:23.293Z. The NVD entry is currently Analyzed. This issue is associated with program files resources/src/mediawiki.Api/index.Js. The vulnerability is caused by improper neutralization of input during web page generation, which can lead to cross-site scripting (XSS) attacks.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T16:16:50.520Z and has not been modified since then. The NVD entry is currently Analyzed.