System	Score	Found at
epss	0.00151	https://api.first.org/data/v1/epss?cve=CVE-2019-12472
cvssv3.1	7.5	https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-12472.yaml
generic_textual	HIGH	https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-12472.yaml
cvssv3.1	7.5	https://github.com/wikimedia/mediawiki
generic_textual	HIGH	https://github.com/wikimedia/mediawiki
cvssv3.1	7.5	https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
generic_textual	HIGH	https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2019-12472
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-12472
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-12472
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2019-12472
cvssv3.1	7.5	https://phabricator.wikimedia.org/T199540
generic_textual	HIGH	https://phabricator.wikimedia.org/T199540

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2019-12472
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12466
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12467
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12468
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12469
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12470
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12471
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12472
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12473
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12474
		https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-12472.yaml
		https://github.com/wikimedia/mediawiki
		https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
		https://nvd.nist.gov/vuln/detail/CVE-2019-12472
		https://phabricator.wikimedia.org/T199540
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*

No exploits are available.

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-12472.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/wikimedia/mediawiki

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-12472

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-12472

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-12472

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://phabricator.wikimedia.org/T199540

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Percentile	0.36725
EPSS Score	0.00151
Published At	June 30, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-01T12:27:35.290326+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7mqg-5fgh-xh4r/GHSA-7mqg-5fgh-xh4r.json	36.1.3