← Back to CVEs
CVE-2025-12004
N/ADescription
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42.
CVE Details
CVSS v3.1 ScoreN/A
Published10/21/2025
Last Modified10/21/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-732
References
https://gerrit.wikimedia.org/r/q/Id275382743957004fa7fc56318fc104d8e2d267b(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.