๐Ÿ” CVE Alert

CVE-2026-58030

UNKNOWN 0.0

SyntaxHighlight stored XSS via unsanitized 'linelinks' attribute

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation SyntaxHighlight_GeSHi. This vulnerability is associated with program files includes/SyntaxHighlight.Php. This issue affects SyntaxHighlight_GeSHi: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

CWE CWE-79
Vendor wikimedia foundation
Product syntaxhighlight_geshi
Published Jul 1, 2026
Last Updated Jul 1, 2026
Stay Ahead of the Next One

Get instant alerts for wikimedia foundation syntaxhighlight_geshi

Be the first to know when new unknown vulnerabilities affecting wikimedia foundation syntaxhighlight_geshi are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Wikimedia Foundation / SyntaxHighlight_GeSHi
* < 1.46.0, 1.45.4, 1.44.6, 1.43.9

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
phabricator.wikimedia.org: https://phabricator.wikimedia.org/T427167