← Voltar para CVEs
CVE-2025-12004
N/ADescricao
Incorrect Permission Assignment for Critical Resource vulnerability in The Wikimedia Foundation Mediawiki - Lockdown Extension allows Privilege Abuse. Fixed in Mediawiki Core Action APIThis issue affects Mediawiki - Lockdown Extension: from master before 1.42.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado10/21/2025
Ultima modificacao10/21/2025
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-732
Referencias
https://gerrit.wikimedia.org/r/q/Id275382743957004fa7fc56318fc104d8e2d267b(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(c4f26cc8-17ff-4c99-b5e2-38fc1793eacc)
https://phabricator.wikimedia.org/T397521(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.