CVE-2025-32956
📋 TL;DR
ManageWiki, Miraheze's MediaWiki extension for per-wiki configuration, is vulnerable to SQL injection in versions before commit f504ed8. The namespace rename action on Special:ManageWiki/namespaces passes the user-supplied namespace name into an SQL statement without parameterisation, so anyone who can submit that form can run arbitrary SQL against the wiki database. Every MediaWiki installation running an unpatched ManageWiki is affected.
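To make the mechanism concrete, here is an added illustration; it is not ManageWiki's code. The table, column and function names (namespaces, ns_wiki, ns_name, rename_namespace_*) are invented to model a wiki farm that keeps per-wiki namespace names in one shared table. It shows a rename query that splices the form value into SQL text beside the parameterised form that closes the hole:

```python
import sqlite3

# Constructed seed rows for the toy schema (two wikis sharing one table).
SEED_ROWS = [
    ("wikia", "Project"),
    ("wikia", "Help"),
    ("wikib", "Project"),
]


def fresh_db():
    """In-memory database seeded with the constructed rows above."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE namespaces (ns_wiki TEXT NOT NULL, ns_name TEXT NOT NULL)")
    conn.executemany("INSERT INTO namespaces VALUES (?, ?)", SEED_ROWS)
    conn.commit()
    return conn


def rename_namespace_unsafe(conn, wiki, old_name, new_name):
    """VULNERABLE: form values are spliced into the SQL text.

    A name such as  Project' OR '1'='1  turns the WHERE clause into
    ... AND ns_name = 'Project' OR '1'='1'  (AND binds tighter than OR),
    so every row in the table is renamed, across all wikis.
    """
    sql = (
        "UPDATE namespaces SET ns_name = '%s' "
        "WHERE ns_wiki = '%s' AND ns_name = '%s'" % (new_name, wiki, old_name)
    )
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount


def rename_namespace_safe(conn, wiki, old_name, new_name):
    """Hardened: values travel as bound parameters, never as SQL text.

    The same payload is compared literally against ns_name and matches
    nothing. In MediaWiki code the equivalent is passing values through
    IDatabase's update()/query-builder array conditions instead of
    concatenating them into a query string.
    """
    cur = conn.execute(
        "UPDATE namespaces SET ns_name = ? WHERE ns_wiki = ? AND ns_name = ?",
        (new_name, wiki, old_name),
    )
    conn.commit()
    return cur.rowcount


def list_namespaces(conn):
    """Current (wiki, name) pairs, sorted for stable comparison."""
    return sorted(conn.execute("SELECT ns_wiki, ns_name FROM namespaces"))


if __name__ == "__main__":
    payload = "Project' OR '1'='1"
    db = fresh_db()
    print("unsafe rows changed:", rename_namespace_unsafe(db, "wikia", payload, "Pwned"))
    print(list_namespaces(db))
    db = fresh_db()
    print("safe rows changed:", rename_namespace_safe(db, "wikia", payload, "Pwned"))
    print(list_namespaces(db))
```

The unsafe version renames all three rows, including the other wiki's namespace, which is the cross-wiki blast radius a shared-table wiki farm has to worry about; the parameterised version changes nothing for the payload and exactly one row for a real name.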
💻 Affected Systems
- ManageWiki MediaWiki extension
📦 What is this software?
ManageWiki by Miraheze: a MediaWiki extension that lets wiki administrators manage per-wiki configuration (namespaces, permissions, settings and extensions) through the Special:ManageWiki interface rather than by editing LocalSettings.php.
⚠️ Risk & Real-World Impact
Worst Case
Full database compromise: theft, modification or deletion of any data the wiki's database account can reach; escalation to wiki administrator by tampering with user and group tables; complete system takeover if that database account has privileges beyond the wiki schema (for example file-system write access or access to other databases on a shared server).
Likely Case
Unauthorized data access and modification of wiki content, user information, and configuration settings; potential for privilege escalation within the wiki system.
If Mitigated
With the namespaces feature disabled or its form restricted to trusted administrators, and the wiki using a least-privilege database account, exposure is limited to data that account can already read; no system compromise.
🎯 Exploit Status
Exploitation requires an authenticated account that can reach the namespace management form on Special:ManageWiki/namespaces; given that access the injection is straightforward, since the payload is simply a crafted namespace name submitted through the rename form.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Commit f504ed8eeb59b57ebb90f93cd44f23da4c5bc4c9
Vendor Advisory: https://github.com/miraheze/ManageWiki/security/advisories/GHSA-gg42-cv66-f5x7
Restart Required: No (PHP loads the updated extension files on the next request; if opcache.validate_timestamps is disabled on the server, reset the opcache so the patched code is actually used)
Instructions:
1. Update the ManageWiki extension to a checkout that contains commit f504ed8eeb59b57ebb90f93cd44f23da4c5bc4c9 (pull the latest extension code, or apply that commit as a patch if you pin a custom version).
2. Clear MediaWiki's caches if stale namespace data persists after the update.
🔧 Temporary Workarounds
Disable ManageWiki namespaces feature
Disables the vulnerable namespace management functionality in ManageWiki until the extension can be updated; namespace changes through Special:ManageWiki are unavailable while this is set.
Add to LocalSettings.php: $wgManageWiki['namespaces'] = false;
🧯 If You Can't Patch
- Restrict access to Special:ManageWiki/namespaces to trusted administrators only, by granting the ManageWiki user rights that expose the namespace form to as few groups as possible in $wgGroupPermissions
- Add web application firewall rules that block SQL injection patterns in the namespace form parameters; treat this as a stopgap only, since keyword signatures are bypassed by encoding and obfuscation
🔍 How to Verify
Check if Vulnerable:
ManageWiki is installed, its checkout predates commit f504ed8 (the fix is not in its git history), and $wgManageWiki['namespaces'] is enabled.
Check Version:
Inspect the ManageWiki directory under MediaWiki's extensions/ for its git commit hash. "Before" and "after" are a matter of ancestry, not dates: check whether f504ed8eeb59b57ebb90f93cd44f23da4c5bc4c9 is an ancestor of the deployed HEAD (git merge-base --is-ancestor). A tarball install without .git has to be compared against the upstream repository by hand.
Verify Fix Applied:
Confirm the deployed ManageWiki contains commit f504ed8 and that namespace renaming still works normally, with no database errors in the web UI or MediaWiki's debug log.
📡 Detection & Monitoring
Log Indicators:
- SQL syntax errors or unusual statements in database logs originating from ManageWiki namespace operations (failed probes often surface as malformed queries before a working payload does)
- Repeated namespace rename attempts containing quotes, comment sequences or SQL keywords, especially from one account in a short window
Network Indicators:
- POST requests to Special:ManageWiki/namespaces (also reachable as index.php?title=Special:ManageWiki/namespaces) whose form fields contain SQL keywords or metacharacters; standard web-server access logs do not record POST bodies, so this needs a WAF, reverse proxy or application-level log that captures them
SIEM Query:
web_requests WHERE url_path CONTAINS 'Special:ManageWiki/namespaces' AND (params CONTAINS 'UNION' OR params CONTAINS 'SELECT' OR params CONTAINS 'INSERT')
Match case-insensitively and against URL-decoded parameters; the keyword list as written misses lowercase and percent-encoded payloads.
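The SIEM query above is a starting point. The added example below (not the page's or the project's code; the request records, source addresses and form field names wpnamespace, wpname and wpsave are constructed assumptions) implements the same idea with the normalisation a practitioner would want: repeated percent-decoding, case folding, and a few structural patterns rather than bare keywords, applied to request records that include the POST body.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample records (not real logs). They have the shape a WAF or
# reverse proxy with request-body capture would emit; plain web-server
# access logs do not record POST bodies, so this logic needs such a source.
# The form field names (wpnamespace, wpname, wpsave) are assumptions.
SAMPLE_REQUESTS = [
    {"ts": "2025-04-20T10:00:01Z", "src": "203.0.113.5", "method": "POST",
     "path": "/wiki/Special:ManageWiki/namespaces",
     "body": "wpnamespace=Project&wpname=Project+talk&wpsave=1"},          # legitimate rename
    {"ts": "2025-04-20T10:00:07Z", "src": "203.0.113.5", "method": "POST",
     "path": "/w/index.php?title=Special:ManageWiki/namespaces",          # index.php URL form
     "body": "wpnamespace=Project&wpname=x%27+OR+%271%27%3D%271&wpsave=1"},  # x' OR '1'='1
    {"ts": "2025-04-20T10:00:09Z", "src": "198.51.100.9", "method": "POST",
     "path": "/wiki/Special:ManageWiki/namespaces",
     "body": "wpname=x%2527%2520UNION%2520SELECT%2520user_password%2520FROM%2520user--"},  # double-encoded
    {"ts": "2025-04-20T10:00:12Z", "src": "198.51.100.9", "method": "POST",
     "path": "/wiki/Special:ManageWiki/permissions",                       # different form: out of scope
     "body": "wpgroup=sysop%27+OR+1%3D1"},
    {"ts": "2025-04-20T10:00:15Z", "src": "192.0.2.77", "method": "GET",
     "path": "/wiki/Special:ManageWiki/namespaces", "body": ""},          # just viewing the form
]

TARGET = "special:managewiki/namespaces"

# Structural patterns, ordered so the most specific signal is reported first.
RULES = [
    ("union_select", re.compile(r"\bunion\b(?:\s+all)?\s+select\b")),
    ("quote_boolean", re.compile(r"'\s*(?:or|and)\b")),
    ("stacked_query", re.compile(r";\s*(?:drop|insert|update|delete|alter)\b")),
    ("comment_terminator", re.compile(r"--(?:\s|$)|/\*")),
]


def normalize(value, rounds=3):
    """Percent-decode repeatedly (defeats double encoding) and fold case.

    Stops early once another decoding pass no longer changes the string.
    """
    prev = None
    for _ in range(rounds):
        if value == prev:
            break
        prev, value = value, unquote_plus(value)
    return value.casefold()


def flag_namespace_injection(records):
    """Return the records aimed at the namespaces form whose path or body
    contains an injection pattern after normalisation."""
    hits = []
    for rec in records:
        path = normalize(rec["path"])
        if TARGET not in path:
            continue
        haystack = path + "\n" + normalize(rec.get("body", ""))
        matched = [name for name, rx in RULES if rx.search(haystack)]
        if matched:
            hits.append({"ts": rec["ts"], "src": rec["src"], "rules": matched})
    return hits


if __name__ == "__main__":
    for hit in flag_namespace_injection(SAMPLE_REQUESTS):
        print(hit)
```

Only the two injection attempts are flagged; the legitimate rename, the GET and the request to a different ManageWiki form are not. The rule set is deliberately small and will still be noisy on unusual names and bypassable by a determined attacker, so use it to raise an alert for review, not as a blocking control in place of the patch.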
🔗 References
- https://github.com/miraheze/ManageWiki/commit/f504ed8eeb59b57ebb90f93cd44f23da4c5bc4c9
- https://github.com/miraheze/ManageWiki/security/advisories/GHSA-gg42-cv66-f5x7
- https://www.vicarius.io/vsociety/posts/cve-2025-32956-detect-mediawiki-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-32956-mitigate-mediawiki-vulnerability