Lucene search

GitHub_MCVELIST:CVE-2024-29897

HistoryMar 28, 2024 - 1:40 p.m.

CVE-2024-29897 CreateWiki Leak of suppressed wiki requests outside of `CreateWikiGlobalWiki`

2024-03-2813:40:43

CWE-200

GitHub_M

www.cve.org

miraheze

mediawiki

vulnerability

rest api

request suppression

fixed vulnerability

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

15.5%

JSON

CreateWiki is Miraheze’s MediaWiki extension for requesting & creating wikis. It is possible for users with (delete) or (suppressrevision) on any wiki in the farm to access suppressed wiki requests by going to the request’s entry on Special:RequestWikiQueue on the wiki where they have these rights. The same vulnerability was present briefly on the REST API before being quickly corrected in commit 6bc0685. To our knowledge, the vulnerable commits of the REST API are not running in production anywhere. This vulnerability is fixed in 23415c17ffb4832667c06abcf1eadadefd4c8937.

CNA Affected

[
  {
    "vendor": "miraheze",
    "product": "CreateWiki",
    "versions": [
      {
        "version": "< 23415c17ffb4832667c06abcf1eadadefd4c8937",
        "status": "affected"
      }
    ]
  }
]

References

github.com/miraheze/CreateWiki/security/advisories/GHSA-4rcf-3cj2-46mq

github.com/miraheze/mw-config/commit/fb3e68bcef459e9cf2a415241b28042a6c9727e8

issue-tracker.miraheze.org/F3093343

issue-tracker.miraheze.org/T11999

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

15.5%

JSON

Related for CVELIST:CVE-2024-29897