PatchSiren cyber security CVE debrief
CVE-2026-58032 Wikimedia Foundation CVE debrief
CVE-2026-58032 is an Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. The issue affects MediaWiki versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9. This vulnerability can be exploited by attackers with permission to edit pages, potentially leading to cross-site scripting (XSS) attacks. Users of MediaWiki, especially those with versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9, should be aware of this vulnerability and take necessary actions to protect their installations.
- Vendor
- Wikimedia Foundation
- Product
- MediaWiki
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-01
- Original CVE updated
- 2026-07-09
- Advisory published
- 2026-07-01
- Advisory updated
- 2026-07-09
Who should care
Users of MediaWiki, especially those with versions before 1.46.0, 1.45.4, 1.44.6, and 1.43.9, should be aware of this vulnerability and take necessary actions to protect their installations. This includes administrators, developers, and security teams responsible for maintaining MediaWiki installations.
Technical summary
The vulnerability is caused by improper neutralization of input during web page generation, which can lead to cross-site scripting (XSS) attacks. The issue is associated with program files resources/src/mediawiki.Api/index.Js. The CVSS score for this vulnerability is 5.3, and the severity is MEDIUM. This issue affects MediaWiki: from before 1.46.0, 1.45.4, 1.44.6, 1.43.9. Users with permission to edit pages can exploit this vulnerability. To protect against this issue, users should update MediaWiki to a secure version and review custom or third-party extensions for compatibility. Additionally, monitoring for suspicious activity and reviewing official advisories are recommended.
Defensive priority
Medium priority should be given to updating MediaWiki to a secure version, as the vulnerability can be exploited by attackers with permission to edit pages.
Recommended defensive actions
- Update MediaWiki to version 1.46.0 or later, 1.45.4 or later, 1.44.6 or later, or 1.43.9 or later.
- Review and update any custom or third-party extensions to ensure they are compatible with the updated MediaWiki version.
- Monitor MediaWiki installations for any suspicious activity.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
Evidence notes
The CVE record was published on 2026-07-01T16:16:50.520Z and was last modified on 2026-07-09T19:42:23.293Z. The NVD entry is currently Analyzed. This issue is associated with program files resources/src/mediawiki.Api/index.Js. The vulnerability is caused by improper neutralization of input during web page generation, which can lead to cross-site scripting (XSS) attacks.
Official resources
-
CVE-2026-58032 CVE record
CVE.org
-
CVE-2026-58032 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
c4f26cc8-17ff-4c99-b5e2-38fc1793eacc - Permissions Required
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-01T16:16:50.520Z and has not been modified since then. The NVD entry is currently Analyzed.