CVE-2025-32068

Description

Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension allows Authentication Bypass.This issue affects Mediawiki - OAuth Extension: from 1.39 through 1.43.

PUBLISHED Reserved 2025-04-03 | Published 2025-04-11 | Updated 2025-07-07 | Assigner wikimedia-foundation

Problem types

CWE-863 Incorrect Authorization

Product status

Credits

Tgr finder

MarkusRost finder

References

phabricator.wikimedia.org/T336113

gerrit.wikimedia.org/...1af2cdfb862a42432e7a87b863033d540cfc

cve.org (CVE-2025-32068)

nvd.nist.gov (CVE-2025-32068)

Download JSON