Описание
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | mediawiki | Out of support scope |
Показывать по
10
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2161175mediawiki: GrowthExperiments growthmanagementorlist API allows blocked users to enroll as mentors
EPSS
Процентиль: 48%
0.00254
Низкий
5.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.3
nvd
около 3 лет назад
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
CVSS3: 4.3
github
около 3 лет назад
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
EPSS
Процентиль: 48%
0.00254
Низкий
5.5 Medium
CVSS3