CVE-2025-49575 – Citizen is a MediaWiki skin that makes extensions

June 12, 2025

CVE ID : CVE-2025-49575

Published : June 12, 2025, 7:15 p.m. | 2 hours, 46 minutes ago

Description : Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. Multiple system messages are inserted into the CommandPaletteFooter as raw HTML, allowing anybody who can edit those messages to insert arbitrary HTML into the DOM. This impacts wikis where a group has the `editinterface` but not the `editsitejs` user right. This vulnerability is fixed in 3.3.1.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49579 – Citizen is a MediaWiki skin that makes extensions

Next Article CVE-2025-49578 – Citizen is a MediaWiki skin that makes extensions

Highlights

CVE-2025-34124 – Heroes of Might and Magic III Complete Buffer Overflow Vulnerability

July 16, 2025

CVE ID : CVE-2025-34124

Published : July 16, 2025, 10:15 p.m. | 4 hours, 47 minutes ago

Description : A buffer overflow vulnerability exists in Heroes of Might and Magic III Complete 4.0.0.0, HD Mod 3.808 build 9, and Demo 1.0.0.0 via malicious .h3m map files that exploit object sprite name parsing logic. The vulnerability occurs during in-game map loading when a crafted object name causes a buffer overflow, potentially allowing arbitrary code execution. Exploitation requires the victim to open a malicious map file within the game.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-49575 – Citizen is a MediaWiki skin that makes extensions

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Commvault Updates Security Advisory After Nation-State Threat Actor Activity in Azure

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

Does Claim Management Work with AI Automation?

Backups Are Under Attack: How to Protect Your Backups

CVE-2025-34124 – Heroes of Might and Magic III Complete Buffer Overflow Vulnerability

Rilasciata NixOS 25.05 “Warbler”

Raspberry Pi 5 Desktop Mini PC: Overclocking

Build a domain‐aware data preprocessing pipeline: A multi‐agent collaboration approach

CVE-2025-49575 – Citizen is a MediaWiki skin that makes extensions

Related Posts