Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2025-32697

CVE-2025-32697

NONE0.0

Cascading protection is not preventing file reversions

Published Apr 10, 2025

Modified 11 months ago

Details

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permissions/RestrictionStore.Php.

This issue affects MediaWiki: before 1.42.6, 1.43.1.

References

https://phabricator.wikimedia.org/T140010

https://phabricator.wikimedia.org/T24521

https://phabricator.wikimedia.org/T62109

https://www.cve.org/CVERecord?id=CVE-2025-32697

CVSS Analysis

CVSS v4.0

0.0

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Attack Requirements

NoneAT:N

Privileges Required

LowPR:L

User Interaction

PassiveUI:P

Vulnerable System

Vuln. Confidentiality

NoneVC:N

Vuln. Integrity

NoneVI:N

Vuln. Availability

NoneVA:N

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

NoneSI:N

Subseq. Availability

NoneSA:N

0/CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/RE:M/U:Green

Weakness Type (CWE)

Other

Ecosystems

Timeline

PublishedApr 10, 2025

ModifiedApr 10, 2025

CVE-2025-32697 | Mondoo Vulnerability Intelligence