CNNVD-202510-2570 Information

CNNVD ID

CNNVD-202510-2570

Related CVE

CVE-2025-62658

• CNNVD Published: 2025-10-20

Description (Chinese)

MediaWiki - WatchAnalytics extension是MediaWiki开源的一个用户跟踪和分析扩展。 MediaWiki - WatchAnalytics extension 1.43版本和1.44版本存在安全漏洞，该漏洞源于特殊元素中和不当，可能导致SQL注入攻击。

Description (English)

MediaWiki - WatchAnalytics extension is a user tracking and analysis extension of MediaWiki open source. There is a security loophole in MediaWiki - WatchAnalytics edition 1.43 and version 1.44, which stems from the incompetence of special elements and could lead to an attack by SQL.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

维基媒体

Published

2025-10-20

Last Modified

2026-02-24

References

https://phabricator.wikimedia.org/T406380 https://access.redhat.com/security/cve/cve-2025-62658

Patch

https://phabricator.wikimedia.org/T406380