Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| miraheze | ManageWiki | affected |
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Miraheze | Managewiki | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-12408 | ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions. |
Fri, 19 Sep 2025 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:miraheze:managewiki:*:*:*:*:*:mediawiki:*:* |
Tue, 22 Apr 2025 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 22 Apr 2025 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions. | |
| Title | ManageWiki vulnerable to permission bypass when disabling extensions requiring certain permissions in Special:ManageWiki/extensions | |
| Weaknesses | CWE-285 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-04-22T17:35:37.926Z
Reserved: 2025-04-14T21:47:11.453Z
Link: CVE-2025-32964
Vulnrichment
Updated: 2025-04-22T17:35:29.776Z
NVD
Status : Analyzed
Published: 2025-04-22T18:16:00.847
Modified: 2025-09-19T15:46:04.070
Link: CVE-2025-32964
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-07-12T16:01:42Z