Description

ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 00bebea, when enabling a conflicting extension, a restricted extension would be automatically disabled even if the user did not hold the ManageWiki-restricted right. This issue has been patched in commit 00bebea. A workaround involves ensuring that any extensions requiring specific permissions in `$wgManageWikiExtensions` also require the same permissions for managing any conflicting extensions.

INFO

Published Date :

2025-04-22T17:15:03.200Z

Last Modified :

2025-04-22T17:35:37.926Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-32964 vulnerability.

Vendors Products
Miraheze
  • Managewiki
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-32964.

URL Resource
https://github.com/miraheze/ManageWiki/commit/00bebea43a3e3ff0157b5f04df17c1d1e88a9acd cve-icon cve-icon
https://github.com/miraheze/ManageWiki/security/advisories/GHSA-ccrf-x5rp-gppr cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact