CVE-2025-53479 — The CheckUser extension’s Special:CheckUser interface is vulnerable to reflected XSS via the rev-deleted-user message. This message is rendered without proper escaping, making it possible to inject Ja — CVE Database · The Intelligence Room