CVE-2019-12469

Name: CVE-2019-12469
Creator: NVD / NIST
Published: 2019-07-10T17:15:12.087+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.41%

Last modified Jun 17, 2026

CVE-2019-12469 is a vulnerability of currently unknown severity. MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. EPSS estimates a 1.41% chance of exploitation in the next 30 days.

Description

MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

Metrics

EPSS Probability

1.41%

69.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-862

Affected Software

Vendor	Product	Versions
Mediawiki	Mediawiki	< 1.27.6
Mediawiki	Mediawiki	>= 1.27.7, < 1.30.2
Mediawiki	Mediawiki	>= 1.31.0, < 1.31.2
Mediawiki	Mediawiki	>= 1.32.0, < 1.32.2
Debian	Debian Linux	9.0

References

https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.htmlMailing List, Release Notes, Vendor Advisory
https://phabricator.wikimedia.org/T222036Vendor Advisory
https://seclists.org/bugtraq/2019/Jun/12Issue Tracking, Mailing List, Third Party Advisory
https://www.debian.org/security/2019/dsa-4460Third Party Advisory
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.htmlMailing List, Release Notes, Vendor Advisory
https://phabricator.wikimedia.org/T222036Vendor Advisory
https://seclists.org/bugtraq/2019/Jun/12Issue Tracking, Mailing List, Third Party Advisory
https://www.debian.org/security/2019/dsa-4460Third Party Advisory

Timeline

Published: Jul 10, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-12469?

MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

How severe is CVE-2019-12469?

Severity scoring for CVE-2019-12469 is pending analysis. The EPSS model estimates a 1.41% probability of exploitation in the next 30 days.

How do I fix CVE-2019-12469?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-12469?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST