VulnerableCode Package Details - pkg:deb/debian/mediawiki@1:1.39.12-1~deb12u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-vge4-wfm4-r3dr Aliases: CVE-2025-32072	Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.	1:1.43.1+dfsg-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-vge4-wfm4-r3dr
Aliases:
CVE-2025-32072

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.

1:1.43.1+dfsg-2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5p4h-zz1t-rufv	Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.	CVE-2025-32699
VCID-8r94-4gcj-kqf7	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	CVE-2025-3469
VCID-bh3d-zm2d-kyb5	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php, includes/Special/SpecialAbuseLog.Php, includes/View/AbuseFilterViewExamine.Php. This issue affects AbuseFilter: from >= 1.43.0 before 1.43.1.	CVE-2025-32700
VCID-fbhc-3z4g-sbhq	Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1.	CVE-2025-32697
VCID-n4rb-218x-3fbx	Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	CVE-2025-32696
VCID-te4z-gmum-57er	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.	CVE-2025-32698
VCID-vge4-wfm4-r3dr	Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.	CVE-2025-32072

Vulnerability

Summary

Aliases

VCID-5p4h-zz1t-rufv

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid.This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1; Parsoid: before 0.16.5, 0.19.2, 0.20.2.

CVE-2025-32699

VCID-8r94-4gcj-kqf7

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLMultiSelectField.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.

CVE-2025-3469

VCID-bh3d-zm2d-kyb5

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vulnerability is associated with program files includes/Api/QueryAbuseLog.Php, includes/Pager/AbuseLogPager.Php, includes/Special/SpecialAbuseLog.Php, includes/View/AbuseFilterViewExamine.Php. This issue affects AbuseFilter: from >= 1.43.0 before 1.43.1.

CVE-2025-32700

VCID-fbhc-3z4g-sbhq

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php. This issue affects MediaWiki: before 1.42.6, 1.43.1.

CVE-2025-32697

VCID-n4rb-218x-3fbx

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.

CVE-2025-32696

VCID-te4z-gmum-57er

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/LogPager.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1.

CVE-2025-32698

VCID-vge4-wfm4-r3dr

CVE-2025-32072

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-22T11:51:17.382968+00:00	Debian Importer	Affected by	VCID-vge4-wfm4-r3dr	https://security-tracker.debian.org/tracker/data/json	36.1.3
2025-06-01T18:56:58.001959+00:00	Debian Importer	Affected by	VCID-vge4-wfm4-r3dr	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-23T12:05:19.465622+00:00	Debian Importer	Fixing	VCID-vge4-wfm4-r3dr	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T19:49:49.400462+00:00	Debian Importer	Fixing	VCID-8r94-4gcj-kqf7	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T14:28:14.956570+00:00	Debian Importer	Fixing	VCID-fbhc-3z4g-sbhq	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T05:50:20.498195+00:00	Debian Importer	Fixing	VCID-n4rb-218x-3fbx	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T04:52:41.236189+00:00	Debian Importer	Fixing	VCID-5p4h-zz1t-rufv	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T04:20:14.685599+00:00	Debian Importer	Fixing	VCID-te4z-gmum-57er	https://security-tracker.debian.org/tracker/data/json	36.0.0
2025-04-22T04:09:56.471807+00:00	Debian Importer	Fixing	VCID-bh3d-zm2d-kyb5	https://security-tracker.debian.org/tracker/data/json	36.0.0