6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.021 Low
EPSS
Percentile
89.3%
MediaWiki user Marco discovered that security checks for file uploads were not being run when the file was uploaded in chunks through the API. This option has been available to users who can upload files since MediaWiki 1.19 (CVE-2013-2114).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 3 | noarch | mediawiki | < 1.20.6-1.2 | mediawiki-1.20.6-1.2.mga3 |