CVE-2025-53501

Description

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension allows : Accessing Functionality Not Properly Constrained by Authorization.This issue affects Mediawiki - Scribunto Extension: from 1.39.X before 1.39.12, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

PUBLISHED Reserved 2025-06-30 | Published 2025-07-03 | Updated 2025-07-10 | Assigner wikimedia-foundation

Problem types

CWE-284: Improper Access Control

Product status

Credits

Leo768 finder

References

phabricator.wikimedia.org/T397524

gerrit.wikimedia.org/...awiki/extensions/Scribunto/+/1164541

cve.org (CVE-2025-53501)

nvd.nist.gov (CVE-2025-53501)

Download JSON