CVE-2025-11175

2026-01-30 c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 22:00 vuln.today
CVE Published
Jan 30, 2026 - 20:16 nvd
N/A

Tags

Mediawiki

Description

Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extension: 1.44, 1.43.

Analysis

Wikimedia Foundation Mediawiki - DiscussionTools Extension is affected by improper neutralization of special elements used in an expression language statement.

Technical Context

This vulnerability (CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement) affects Wikimedia Foundation Mediawiki - DiscussionTools Extension. Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blowup.This issue affects Mediawiki - DiscussionTools Extension: 1.44, 1.43.

Affected Products

Product: Wikimedia Foundation Mediawiki - DiscussionTools Extension.

Remediation

Monitor vendor advisories for a patch.

Priority Score

0
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0

Share

CVE-2025-11175 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy