CNNVD-202510-2771 Information

CNNVD ID

CNNVD-202510-2771

Related CVE

CVE-2025-12004

• CNNVD Published: 2025-10-21

Description (Chinese)

MediaWiki - Lockdown Extension是MediaWiki开源的一个权限控制扩展。 MediaWiki - Lockdown Extension版本至1.42之前版本存在安全漏洞，该漏洞源于关键资源权限分配不当，可能导致权限滥用。

Description (English)

MediaWiki - Lockdown Extension is a rights-control extension for MediaWiki open source. MediaWiki - Lockdown Extension versions up to 1.42 had a security loophole, which stemmed from the misallocation of critical resources authority, which could lead to abuse.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

维基媒体

Published

2025-10-21

Last Modified

2026-02-24

References

https://gerrit.wikimedia.org/r/q/Id275382743957004fa7fc56318fc104d8e2d267b https://phabricator.wikimedia.org/T397521

Patch

https://phabricator.wikimedia.org/T397521