CVE-2025-32700Sensitive Information Exposure in Foundation Mediawiki

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
2.3LOWNVD
EPSS
0.6%
top 31.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Wikimedia Foundation MediawikiMediawikiDebian Mediawiki
Timeline
PublishedApr 10

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php, includes/Special/SpecialAbuseLog.Php, includes/View/AbuseFilterViewExamine.Php. This issue affects AbuseFilter: from >= 1.43.0 before 1.43.1.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Affected Packages3 packages

CVEListV5wikimedia_foundation/mediawiki>= 1.43.01.43.1
debiandebian/mediawiki< mediawiki 1:1.43.1+dfsg-1 (forky)
Debianmediawiki/mediawiki< 1:1.43.1+dfsg-1+1

🔴Vulnerability Details

2
OSV
CVE-2025-32700: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter2025-04-10
GHSA
GHSA-f562-mmxh-p76r: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter2025-04-10

📋Vendor Advisories

1
Debian
CVE-2025-32700: mediawiki - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiki...2025
CVE-2025-32700 — Sensitive Information Exposure | cvebase