Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-67479

Опубликовано: 03 фев. 2026
Источник: redhat
CVSS3: 0

Описание

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.

A flaw was found in Wikimedia Foundation MediaWiki and Cite. This vulnerability is associated with the software's parsing and sanitization functions, specifically within CoreParserFunctions.Php and Sanitizer.Php. While the exact method of exploitation and its consequences are not fully detailed, such issues can potentially lead to unexpected behavior or data processing within the application.

Отчет

This vulnerability affects MediaWiki, allowing for the use of reserved data attributes through wikitext due to a flaw in the legacy parser's magic word replacement mechanism. This could enable unauthorized content manipulation within affected MediaWiki installations, specifically those distributed in Fedora.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-915
https://bugzilla.redhat.com/show_bug.cgi?id=2436184MediaWiki: MediaWiki: Vulnerability in parsing and sanitization

0 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-67479

ubuntu
2 месяца назад

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.

nvd логотип

CVE-2025-67479

nvd
2 месяца назад

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.

debian логотип

CVE-2025-67479

debian
2 месяца назад

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation ...

github логотип

GHSA-mvgm-9fcq-x877

github
2 месяца назад

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.

0 Low

CVSS3