Описание
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | mediawiki | Out of support scope |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=2183627mediawiki: Auto-block can occur for an untrusted X-Forwarded-For header
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 3 года назад
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
CVSS3: 9.8
nvd
почти 3 года назад
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
CVSS3: 9.8
debian
почти 3 года назад
An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1. ...
CVSS3: 9.8
github
почти 3 года назад
X-Forwarded-For header allows brute-forcing autoblocked IP addresses
5.3 Medium
CVSS3