CVE-2025-11175 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation…
High CVSS: 8.8

CVE-2025-11175

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extension: 1.44, 1.43.
Vendor
-
Product
-
CWE
CWE-917
Yayın Tarihi
2026-01-30 20:16:40
Güncelleme
2026-02-04 16:34:21
Source Identifier
c4f26cc8-17ff-4c99-b5e2-38fc1793eacc
KEV Date Added
-

Kategoriler

CWE-917 HIGH 2026

Referanslar

https://gerrit.wikimedia.org/r/q/I126203ab1d3ec8c1719cbb5460a887e4d0c2cc6d https://gerrit.wikimedia.org/r/q/I563219f3298a8740e158d130492bf3d2897784d7 https://phabricator.wikimedia.org/T364910 https://phabricator.wikimedia.org/T396248