πŸ” CVE Alert

CVE-2025-10354

UNKNOWN 0.0

Reflected Cross-Site Scripting (XSS) in Semantic MediaWiki

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Cross-Site Scripting (XSS) vulnerability reflected in Semantic MediaWiki. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL using the '/index.php/Speciaal:GefacetteerdZoeken' endpoint parameter. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.

CWE CWE-79
Vendor semantic mediawiki
Product semantic mediawiki
Published Apr 21, 2026
Stay Ahead of the Next One

Get instant alerts for semantic mediawiki semantic mediawiki

Be the first to know when new unknown vulnerabilities affecting semantic mediawiki semantic mediawiki are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

Affected Versions

Semantic MediaWiki / Semantic MediaWiki
5.0.2

References

NVD β†— CVE.org β†— EPSS Data β†—
incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-semantic-mediawiki

Credits

Gonzalo Aguilar GarcΓ­a (6h4ack)