Description

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked.

Remediation

References

CVE-2021-31554

Related Vulnerabilities

Joomla! Core Security Bypass (1.6.0 - 3.9.24)

Joomla Inadequate Encryption Strength Vulnerability (CVE-2011-3629)

TYPO3 Other Vulnerability (CVE-2007-1081)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-28556)

WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21350)

Severity

Medium

Classification

CVE-2021-31554 CWE-668 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities