Описание
An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
Ссылки
- Release NotesVendor Advisory
- ExploitIssue TrackingVendor Advisory
- Release NotesVendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.39.3 (включая)
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00049
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-326
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 2 лет назад
An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
CVSS3: 5.3
github
больше 2 лет назад
An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
EPSS
Процентиль: 15%
0.00049
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-326