Wednesday, January 5, 2022

MediaWiki: Unspecified Security Vulnerability (CVE-2021-45471)

Description
In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.
Solution(s)
  • mediawiki-upgrade-latest


  • References
  • https://attackerkb.com/topics/cve-2021-45471
  • CVE - 2021-45471
  • https://gerrit.wikimedia.org/r/q/Iac86cf63bd014ef99e83dccfce9b8942e15d2bf9
  • https://gerrit.wikimedia.org/r/q/Id9af124427bcd1e85301d2140a38bf47bbc5622c
  • https://phabricator.wikimedia.org/T296578




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore