← Volver a CVEs
CVE-2025-12004
N/ADescripcion
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado10/21/2025
Ultima modificacion10/21/2025
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-732
Referencias
https://gerrit.wikimedia.org/r/q/Id275382743957004fa7fc56318fc104d8e2d267b(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.