Описание
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | released | 1:1.31.2-1 |
| disco | ignored | end of life |
| eoan | released | 1:1.31.2-1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | released | 1:1.31.2-1 |
| esm-apps/jammy | released | 1:1.31.2-1 |
| esm-apps/noble | released | 1:1.31.2-1 |
| esm-infra-legacy/trusty | DNE |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
An Incorrect Access Control vulnerability was found in Wikimedia Media ...
MediaWiki Incorrect Access Control vulnerability
Уязвимость программного средства для реализации гипертекстовой среды MediaWiki, связанная с недостатками контроля доступа, позволяющая нарушителю нарушить целостность данных
5 Medium
CVSS2
7.5 High
CVSS3