← Zuruck zu CVEs
CVE-2025-61639
MEDIUM4.8
Beschreibung
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1.
CVE Details
CVSS v3.1 Bewertung4.8
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionREQUIRED
Veroffentlicht2/3/2026
Zuletzt geandert3/16/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
mediawiki:mediawiki
Schwachen (CWE)
CWE-200
Referenzen
https://phabricator.wikimedia.org/T280413(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.