Описание
An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
6.4 Medium
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking.
EPSS
6.5 Medium
CVSS3
6.4 Medium
CVSS2