CVE-2015-8003

Опубликовано: 09 нояб. 2015

Источник: debian

Описание

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mediawiki	fixed	1:1.25.5-1		package
mediawiki	no-dsa		wheezy	package
mediawiki	end-of-life		squeeze	package

Примечания

https://phabricator.wikimedia.org/T91850

Связанные уязвимости

CVE-2015-8003

ubuntu

около 10 лет назад

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

CVE-2015-8003

nvd

около 10 лет назад

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

GHSA-qr44-rpx9-f5q6

github

больше 3 лет назад

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.