CVE-2025-12004

N/A

Beschreibung

Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42.

CVE Details

CVSS v3.1 BewertungN/A

Veroffentlicht10/21/2025

Zuletzt geandert10/21/2025

Quellenvd

Honeypot-Sichtungen0

Schwachen (CWE)

CWE-732

Referenzen

https://gerrit.wikimedia.org/r/q/Id275382743957004fa7fc56318fc104d8e2d267b(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)

https://phabricator.wikimedia.org/T397521(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)

https://phabricator.wikimedia.org/T397521(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.