CVE-2025-53485: CWE-862 Missing Authorization in Wikimedia Foundation Mediawiki - SecurePoll extension

Severity: High
Tags: vulnerability, CVE-2025-53485, CWE-862
Published: Fri Jul 04 2025 (07/04/2025, 17:39:36 UTC)
Source: CVE Database V5
Vendor/Project: Wikimedia Foundation
Product: Mediawiki - SecurePoll extension

Description

SetTranslationHandler.php does not validate that the user is an election admin, allowing any (even unauthenticated) user to change election-related translation text. While partially broken in newer MediaWiki versions, the check is still missing. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.

AI-Powered Analysis

Last updated: 07/14/2025, 21:17:35 UTC

Technical Analysis

CVE-2025-53485 is a high-severity missing-authorization flaw (CWE-862) in the SecurePoll extension shipped with MediaWiki. It affects the 1.39.x branch before 1.39.13, 1.42.x before 1.42.7 and 1.43.x before 1.43.2.

The defect is in SetTranslationHandler.php, the handler that writes election-related translation text. It never checks that the caller is an administrator of the election whose strings it is updating, so any client, including one with no session at all, can overwrite those strings. The description's remark that the handler is "partially broken" in newer MediaWiki versions means the feature does not fully work there, not that the flaw was partly fixed: the authorization check is absent in every affected version, and a partly non-functional endpoint must not be counted as a mitigation.

The base score given here is CVSS 3.1 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N): reachable over the network, low attack complexity, no privileges or user interaction required, high integrity impact, no confidentiality or availability impact. The CVE record as captured in the Technical Details below lists no CVSS version, so treat the 7.5 as this analysis's assessment rather than a vendor-supplied metric. The vector is consistent with the description: the attacker can change the localized text an election presents (such as its title, instructions, and question or option wording in any configured language), while the description gives no path to reading or altering votes, tallies or voter eligibility, which is why confidentiality and availability are rated as unaffected.

No exploitation in the wild was known at the time of analysis. The practical risk is that a voter reads a ballot whose wording has been altered in their language, which can mislead voters or discredit a poll after the fact even though the recorded votes themselves are untouched.

Potential Impact

For European organizations that run MediaWiki with SecurePoll for elections, board votes, community polls or internal decision-making, the exposure is that the text of a live poll can be rewritten by anyone who can reach the wiki. Altered question wording, option labels or instructions, possibly in only one language so that administrators reading another language never notice, can steer votes, invalidate a result once the change is discovered, or simply deface the poll. The votes themselves are neither exposed nor changed by this flaw, but a poll whose ballot text cannot be trusted may still have to be rerun. For public-sector, political or civic bodies that run or publish votes this way, the reputational cost and the potential for misinformation about what was actually voted on are the main concern, and they are larger where digital platforms carry much of the election transparency and citizen engagement.

Mitigation Recommendations

Upgrade to a MediaWiki release that carries the fixed SecurePoll: 1.39.13 or later on the 1.39 branch, 1.42.7 or later on the 1.42 branch, and 1.43.2 or later on the 1.43 branch. SecurePoll is versioned with the MediaWiki release branch, so verify the branch the wiki actually runs rather than assuming the extension was updated on its own.

If upgrading is not immediately possible, note that SetTranslationHandler.php is a handler class inside the extension's code tree, not a script that clients request directly, so a web-server rule that blocks that file path achieves nothing. Requests reach the handler through MediaWiki's own entry points, so an interim control has to match the SecurePoll set-translation route itself (take the exact path from the extension's extension.json for the installed version) and restrict it at the reverse proxy or WAF to election administrators, or the translation feature has to be disabled for the duration, accepting that legitimate translation work stops.

For detection, SecurePoll persists election messages in its message table (securepoll_msgs in current schemas). Export the election's translation strings once the poll is configured and diff that baseline against the live table at short intervals; any change not made by a known election administrator is a finding, and the diff also tells you exactly which language and which string to repair. Pair this with web-server logs for write requests to the translation route from unauthenticated clients. Review MediaWiki and SecurePoll permission assignments so that only the intended accounts hold election-admin rights, and make sure administrators know that this issue exists so the patch is applied promptly.
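The advisory gives the affected ranges per release branch, and the branch logic is easy to get wrong by hand (1.39.13 is fixed while 1.42.6 is not, and branches the advisory never mentions are not thereby safe). The following Python is an added example, not part of this advisory or of MediaWiki, that encodes the three fixed releases stated above and classifies a version string. It assumes the version to test is the MediaWiki release the wiki runs, since SecurePoll ships with the release branch; that mapping, the treatment of pre-release suffixes, and the sample inputs are this example's own assumptions.

```python
"""Affected-version check for CVE-2025-53485 (SecurePoll).

Added example; not part of the advisory above nor of MediaWiki/SecurePoll.
The fixed releases come from the advisory text: 1.39.13, 1.42.7, 1.43.2.
Assumption: the version to test is the MediaWiki release the wiki runs
(e.g. as shown on Special:Version), because SecurePoll is versioned with
the release branch.  Branches the advisory does not mention (1.40.x, 1.41.x,
1.44.x, ...) are reported as 'not covered', never as safe.
"""
import re
import sys
from typing import Tuple

# Fixed release per affected branch, exactly as listed in the advisory.
FIXED_IN = {
    (1, 39): (1, 39, 13),
    (1, 42): (1, 42, 7),
    (1, 43): (1, 43, 2),
}

# MAJOR.MINOR[.PATCH] with an optional pre-release/build suffix ('-rc.0', 'alpha').
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?(?P<suffix>[-+A-Za-z].*)?\s*$")


def parse_version(text: str) -> Tuple[Tuple[int, int, int], bool]:
    """Return ((major, minor, patch), is_prerelease).

    '1.43' is read as 1.43.0.  Any suffix after the numeric part marks a
    pre-release build that may predate the fix the advisory attributes to
    the final release, so callers treat it conservatively.
    """
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    numeric = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return numeric, m.group("suffix") is not None


def assess(version_text: str) -> str:
    """Classify a version as 'vulnerable', 'fixed' or 'not covered'."""
    version, prerelease = parse_version(version_text)
    fixed = FIXED_IN.get(version[:2])
    if fixed is None:
        return "not covered"      # the advisory says nothing about this branch
    if version < fixed:
        return "vulnerable"
    if version == fixed and prerelease:
        return "vulnerable"       # conservative: an rc/alpha of the fixed release
    return "fixed"


def main(argv):
    # Constructed sample inputs, used when no versions are passed on the command line.
    samples = argv or ["1.39.12", "1.39.13", "1.42.6", "1.42.7",
                       "1.43.1", "1.43.2", "1.43.2-rc.0", "1.43", "1.41.3", "1.44.0"]
    for v in samples:
        print(f"{v:>14}  {assess(v)}")


if __name__ == "__main__":
    main(sys.argv[1:])
```

Run it with the wiki's version as an argument, or with no arguments to see the constructed samples; anything reported as "not covered" needs a separate decision based on the vendor's support status for that branch, not an assumption that it is safe.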

Technical Details

Data Version: 5.1
Assigner Short Name: wikimedia-foundation
Date Reserved: 2025-06-30T15:20:44.462Z
Cvss Version: null
State: PUBLISHED

Threat ID: 686815556f40f0eb72a1e957

Added to database: 7/4/2025, 5:54:29 PM

Last enriched: 7/14/2025, 9:17:35 PM

Last updated: 7/14/2025, 9:17:35 PM
