CVE-2025-62699

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - Translate Extension allows Footprinting.
Translate extension appears to use jobs to make edits to translation pages. This causes the CheckUser tool to log the wrong IP and User-Agent making these edits un-auditable via the CheckUser tool.This issue affects Mediawiki - Translate Extension: from master before 1.39.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
wikimedia-foundationCNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://gerrit.wikimedia.org/r/q/I65c740c8ca5130b40463d687e2f0775951abbf22
https://gerrit.wikimedia.org/r/q/Idac164418362c65d0ad37055fe9e0ad134197da3
https://phabricator.wikimedia.org/T399627