CVE-2025-53625

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-53625

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-53625.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-53625

Aliases

GHSA-7pgw-q3qp-6pgq

Related

GHSA-7pgw-q3qp-6pgq

Published

2025-07-10T19:15:26Z

Modified

2025-07-12T04:12:03.573715Z

Summary

[none]

Details

The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. Several #dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. The vulnerability is fixed in 3.6.4.

References

Affected packages

Git / github.com/universal-omega/dynamicpagelist3

Affected ranges

Type: GIT
Repo: https://github.com/universal-omega/dynamicpagelist3
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a3dae0c89fb4214390c29ceffa23bbe2099986d6

Affected versions

3.*

3.3.10

3.3.5

3.3.6

3.3.7

3.3.8

3.3.9

3.4.0

3.4.1

3.4.2

3.4.3

3.4.4

3.4.5

3.4.6

3.5.0

3.5.1

3.5.2

3.6.0

3.6.1

3.6.2

3.6.3