Описание
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | released | 1:1.31.2-1 |
| disco | ignored | end of life |
| eoan | released | 1:1.31.2-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | released | 1:1.31.2-1 |
| esm-apps/jammy | released | 1:1.31.2-1 |
| esm-apps/noble | released | 1:1.31.2-1 |
| esm-infra-legacy/trusty | DNE |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). ...
MediaWiki Incorrect Access Control vulnerability
Уязвимость функции Special:ChangeEmail программного средства для реализации гипертекстовой среды MediaWiki, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3