CVE-2025-6596

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Vector. This vulnerability is associated with program files resources/skins.Vector.Js/portlets.Js, resources/skins.Vector.Legacy.Js/portlets.Js. This issue affects Vector: from >= 1.40.0 before 1.42.7, 1.43.2, 1.44.0.
https://nvd.nist.gov/vuln/detail/CVE-2025-6596

Categories

CWE-79

References

 

CPE

cpe	start	end

---

REMEDIATION

---

---

EXPLOITS

---

Exploit-db.com

id	description	date
No known exploits

---

POC Github

Url

---

Other Nist (github, ...)

Url
No known exploits

---

CAPEC

---

Common Attack Pattern Enumerations and Classifications

id	description	severity
No entry

---