Unrated severityNVD Advisory· Published Nov 9, 2015· Updated Jun 17, 2026
CVE-2015-8004
CVE-2015-8004
Description
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*range: <=1.23.10
- cpe:2.3:a:mediawiki:mediawiki:1.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.24.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.24.2:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.24.3:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.25.0:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.25.1:*:*:*:*:*:*:*
- cpe:2.3:a:mediawiki:mediawiki:1.25.2:*:*:*:*:*:*:*
- (no CPE)range: >=1.23 <1.23.11 or >=1.24 <1.24.4 or >=1.25 <1.25.3
Patches
Vulnerability mechanics
References
3- lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.htmlnvdPatchVendor Advisory
- phabricator.wikimedia.org/T95589nvdVendor Advisory
- www.securitytracker.com/id/1034028nvd
News mentions
0No linked articles in our index yet.