Vulnerability Details CVE-2026-22712
Improper Encoding or Escaping of Output due to magic word replacement in ParserAfterTidy vulnerability in The Wikimedia Foundation Mediawiki - ApprovedRevs Extension allows Input Data Manipulation.This issue affects Mediawiki - ApprovedRevs Extension: 1.45, 1.44, 1.43, 1.39.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.8%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2026-22712
-
cpe:2.3:a:wikiworks:approved_revs:1.39
-
cpe:2.3:a:wikiworks:approved_revs:1.43
-
cpe:2.3:a:wikiworks:approved_revs:1.44
-
cpe:2.3:a:wikiworks:approved_revs:1.45