All 5 CVE vulnerabilities found in ManageWiki, with AI-generated Chinese analysis, references, and POCs.
Vendor: miraheze
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-43861 | ManageWiki Vulnerable to Self-XSS in review dialog via unsanitized field reflection CWE-79 | 4.4 | Medium | 2025-04-24 |
| CVE-2025-32964 | ManageWiki vulnerable to permission bypass when disabling extensions requiring certain permissions in Special:ManageWiki/extensions CWE-285 | 4.6 | Medium | 2025-04-22 |
| CVE-2025-32956 | ManageWiki has SQL injection vulnerability in NamespaceMigrationJob CWE-89 | 8.0 | High | 2025-04-21 |
| CVE-2024-25109 | Cross-Site Scripting in the extensions, settings, permissions and namespaces subpages of ManageWiki CWE-79 | 6.5 | Medium | 2024-02-09 |
| CVE-2021-29483 | wikiconfig API leaked private config variables set through ManageWiki CWE-200 | 9.4 | Critical | 2021-04-28 |
All 5 known CVE vulnerabilities affecting ManageWiki with full Chinese analysis, references, and POCs where available.