CVE-2015-8003

2015-11-0918:00:00

mitre

www.cve.org

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.8%

JSON

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

References

www.securitytracker.com/id/1034028

lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html

phabricator.wikimedia.org/T91850