Security Authentication Bypass in CentralAuth

July 5, 2025 invoker category_cve

CVE Details

Basic Information

Title Security Authentication Bypass in CentralAuth
Type cve
Published 2025-07-03T16:23:56.503Z
Modified 2025-07-03T17:41:44.046Z

Product Information

Vendor Wikimedia Foundation
Product Mediawiki – CentralAuth Extension
Version 1.39.x

CVSS Information

Base Score 0.0 ()

AI Analysis

AI Description An authentication bypass vulnerability in the CentralAuth extension for Mediawiki allows unauthorized access. This affects multiple versions of the extension.
AI Severity High
AI Vendor Wikimedia Foundation
AI Product Mediawiki – CentralAuth Extension
AI Version 1.39.x, 1.42.x, 1.43.x

Affected Products

  • Wikimedia Foundation Mediawiki – CentralAuth Extension 1.39.x
  • Wikimedia Foundation Mediawiki – CentralAuth Extension 1.42.x
  • Wikimedia Foundation Mediawiki – CentralAuth Extension 1.43.x

Additional Information

CWE List CWE-287
Source wikimedia-foundation

Description

Improper Authentication vulnerability in Wikimedia Foundation Mediawiki – CentralAuth Extension allows : Bypass Authentication.This issue affects Mediawiki – CentralAuth Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.