CVE-2025-67478

CVE-2025-67478: In Wikimedia Foundation CheckUser (includes/Mail/UserMailer.Php), commas in RFC 2822 style headers were not escaped, allowing downstream misinterpretation as value separators. Affected: MediaWiki/CheckUser components implicated by the CVE; Debian/Ubuntu advisories map this CVE to ...