PT-2025-42565 · Mediawiki+1 · Mediawiki+1

Published

2025-01-01

Updated

2026-02-03

CVE-2025-61652

CVSS v4.0

2.7

Low

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U

Name of the Vulnerable Software and Affected Versions mediawiki (affected versions not specified)

Description The software has a flaw where user read permissions are not properly checked before displaying PageInfo through an API. This could potentially allow unauthorized access to information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2025-61652

DSA-6085-1

Affected Products

Debian

Mediawiki

PT-2025-42565 · Mediawiki+1 · Mediawiki+1

CVE-2025-61652

Weakness Enumeration

Related Identifiers

Affected Products

References · 9