CVE-2025-32964
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-32964
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-32964.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-32964
- Aliases
-
- GHSA-ccrf-x5rp-gppr
- Published
- 2025-04-22T18:16:00Z
- Modified
- 2025-04-23T14:08:13Z
- Summary
- [none]
- Details
-
ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in
$wgManageWikiExtensionsalso require the same permissions for managing any conflicting extensions. - References