← Retour aux CVEs
CVE-2025-12004
N/ADescription
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42.
Details CVE
Score CVSS v3.1N/A
Publie10/21/2025
Derniere modification10/21/2025
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-732
References
https://gerrit.wikimedia.org/r/q/Id275382743957004fa7fc56318fc104d8e2d267b(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.