Vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils
CVE-2025-32072
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils allows WebView Injection.This issue affects Mediawiki Core - Feed Utils: from 1.39 through 1.43.
EPSS: 0.004 (30.5th percentile) — read the EPSS interpretation.
Affected products
- The Wikimedia Foundation Mediawiki Core - Feed Utils — versions 1.39
Weakness classification (CWE)
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2025-32072?
- CVE-2025-32072 is a vulnerability in The Wikimedia Foundation Mediawiki Core - Feed Utils, classified under Improper Encoding or Escaping of Output. Published 2025-04-11.
- Is CVE-2025-32072 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.