Security Advisories - PKSA-tp5q-9k1h-6ph7 - Packagist

PKSA-tp5q-9k1h-6ph7 Security Advisory

[MEDIUM] Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)

PKSA-tp5q-9k1h-6ph7 CVE-2025-23081 GHSA-c3h5-h73c-29hq

Affected package: mediawiki/data-transfer

Affected version: >=1.42.0,<1.42.2|>=1.41.0,<1.41.3|>=1.39.0,<1.39.11

Reported by:
GitHub