XSS in Wikimedia Foundation Scribunto

CVE-2026-34089

Vulnerability in Wikimedia Foundation Scribunto. This issue affects Scribunto: from 1.45.0 before 1.45.2.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (16.7th percentile) — read the EPSS interpretation.

Affected products

Wikimedia Foundation Scribunto — versions 1.45.0

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

c4f26cc8-17ff-4c99-b5e2-38fc1793eacc