CNNVD-202602-530 Information

Feb 03, 2026 cve

CNNVD ID

CNNVD-202602-530

CVE-2025-11173

CNNVD Published: 2026-02-03

Description (Chinese)

Wikimedia OATHAuth是Wikimedia基金会的一个双重身份验证扩展。 Wikimedia OATHAuth 1.39.14之前版本、1.43.4之前版本和1.44.1之前版本存在安全漏洞，该漏洞源于程序文件src/Special/OATHManage.Php存在问题。

Description (English)

Wikimedia OATHAuth is a dual identification extension of the Wikimedia Foundation. There is a security loophole in the pre-Wikimedia OATHAuth 1.39.14, pre-1.43.4 and pre-1.44.1 versions, which stems from problems in the program document src/special/OATHManage.Php.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

维基媒体

Published

2026-02-03

Last Modified

2026-02-24

References

https://phabricator.wikimedia.org/T401862 https://phabricator.wikimedia.org/T402094

Patch

https://www.mediawiki.org/wiki/Extension:OATHAuth

Share on: