{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-67479", "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "state": "PUBLISHED", "assignerShortName": "wikimedia-foundation", "dateReserved": "2025-12-08T17:51:48.871Z", "datePublished": "2026-02-03T01:12:21.567Z", "dateUpdated": "2026-02-03T15:32:35.931Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "MediaWiki", "programFiles": ["includes/Parser/CoreParserFunctions.php", "includes/Parser/Sanitizer.php"], "repo": "https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master", "vendor": "Wikimedia Foundation", "versions": [{"lessThan": "1.39.14, 1.43.4, 1.44.1", "status": "affected", "version": "*", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Cite", "repo": "https://gerrit.wikimedia.org/g/mediawiki/extensions/Cite/+/refs/heads/master", "vendor": "Wikimedia Foundation", "versions": [{"lessThan": "1.39.14, 1.43.4, 1.44.1", "status": "affected", "version": "*", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite.<p> This vulnerability is associated with program files <tt>includes/Parser/CoreParserFunctions.Php</tt>, <tt>includes/Parser/Sanitizer.Php</tt>.</p><p>This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.</p>"}], "value": "Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php.\n\nThis issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 0, "baseSeverity": "NONE", "exploitMaturity": "UNREPORTED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "shortName": "wikimedia-foundation", "dateUpdated": "2026-02-03T01:12:21.567Z"}, "references": [{"url": "https://phabricator.wikimedia.org/T407131"}], "source": {"discovery": "UNKNOWN"}, "title": "Magic word replacement in legacy parser allows using reserved data attributes through wikitext", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-03T15:26:19.926938Z", "id": "CVE-2025-67479", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:32:35.931Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-67479", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-03T15:26:19.926938Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-03T15:26:20.619Z"}}], "cna": {"title": "Magic word replacement in legacy parser allows using reserved data attributes through wikitext", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U", "exploitMaturity": "UNREPORTED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master", "vendor": "Wikimedia Foundation", "product": "MediaWiki", "versions": [{"status": "affected", "version": "*", "lessThan": "1.39.14, 1.43.4, 1.44.1", "versionType": "semver"}], "programFiles": ["includes/Parser/CoreParserFunctions.php", "includes/Parser/Sanitizer.php"], "defaultStatus": "unaffected"}, {"repo": "https://gerrit.wikimedia.org/g/mediawiki/extensions/Cite/+/refs/heads/master", "vendor": "Wikimedia Foundation", "product": "Cite", "versions": [{"status": "affected", "version": "*", "lessThan": "1.39.14, 1.43.4, 1.44.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://phabricator.wikimedia.org/T407131"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php.\n\nThis issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.", "supportingMedia": [{"type": "text/html", "value": "Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite.<p> This vulnerability is associated with program files <tt>includes/Parser/CoreParserFunctions.Php</tt>, <tt>includes/Parser/Sanitizer.Php</tt>.</p><p>This issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1.</p>", "base64": false}]}], "providerMetadata": {"orgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "shortName": "wikimedia-foundation", "dateUpdated": "2026-02-03T01:12:21.567Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67479", "state": "PUBLISHED", "dateUpdated": "2026-02-03T15:32:35.931Z", "dateReserved": "2025-12-08T17:51:48.871Z", "assignerOrgId": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "datePublished": "2026-02-03T01:12:21.567Z", "assignerShortName": "wikimedia-foundation"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php.\n\nThis issue affects MediaWiki: from * before 1.39.14, 1.43.4, 1.44.1; Cite: from * before 1.39.14, 1.43.4, 1.44.1."}], "id": "CVE-2025-67479", "lastModified": "2026-02-03T16:44:03.343", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 0.0, "baseSeverity": "NONE", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "UNREPORTED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "type": "Secondary"}]}, "published": "2026-02-03T02:16:08.953", "references": [{"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "url": "https://phabricator.wikimedia.org/T407131"}], "sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "MediaWiki: MediaWiki: Vulnerability in parsing and sanitization", "id": "2436184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436184"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N", "status": "draft"}, "cwe": "CWE-915", "details": ["A flaw was found in Wikimedia Foundation MediaWiki and Cite. This vulnerability is associated with the software's parsing and sanitization functions, specifically within CoreParserFunctions.Php and Sanitizer.Php. While the exact method of exploitation and its consequences are not fully detailed, such issues can potentially lead to unexpected behavior or data processing within the application."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-67479", "public_date": "2026-02-03T01:12:21Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-67479\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-67479\nhttps://phabricator.wikimedia.org/T407131"], "statement": "This vulnerability affects MediaWiki, allowing for the use of reserved data attributes through wikitext due to a flaw in the legacy parser's magic word replacement mechanism. This could enable unauthorized content manipulation within affected MediaWiki installations, specifically those distributed in Fedora.", "threat_severity": "Low"}

{}