Wikimedia Foundation MediaWiki AbuseFilter Extension Missing Authorization Vulnerability

Vulnerability

A missing authorization vulnerability in the Wikimedia Foundation MediaWiki AbuseFilter Extension allows unauthorized access. This issue affects versions 1.39.X prior to 1.39.13, 1.42.X prior to 1.42.7, and 1.43.X prior to 1.43.2.

Impact

Exploitation of this vulnerability could lead to unauthorized access, allowing users to bypass authorization mechanisms and potentially manipulate or access restricted features or data within the AbuseFilter extension.

Added: Jul 7, 2025, 7:21 PM

Updated: Jul 7, 2025, 7:21 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

5.0

exploitability

8.2

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

5.0

exploitability

8.2

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wikimedia Foundation MediaWiki AbuseFilter Extension Missing Authorization Vulnerability

Vulnerability

Impact

Affected Products

Wikimedia Foundation Mediawiki - AbuseFilter Extension

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating