Lucene search
PRIOn knowledge basePRION:CVE-2020-26121HistorySep 27, 2020 - 9:15 p.m.
Design/Logic Flaw
2020-09-2721:15:00
PRIOn knowledge base
www.prio-n.com
7
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against “page creation” and the attacker should not be able to create it. This occurs because of a mishandled distinction between an upload restriction and a create restriction. An attacker cannot leverage this to overwrite anything, but can leverage this to force a wiki to have a page with a disallowed title.
Related
osv
osv
CVE-2020-26121
2020-09-27 21:15:13
BIT-mediawiki-2020-26121
2024-03-06 11:13:50
cvelist
cvelist
CVE-2020-26121
2020-09-27 20:08:00
nvd
nvd
CVE-2020-26121
2020-09-27 21:15:13
redhatcve
redhatcve
CVE-2020-26121
2020-12-02 18:47:24
cve
cve
CVE-2020-26121
2020-09-27 21:15:13
fedora
fedora
[SECURITY] Fedora 33 Update: php-zordius-lightncandy-1.2.5-1.fc33
2020-12-14 00:59:10
[SECURITY] Fedora 33 Update: php-oojs-oojs-ui-0.39.3-1.fc33
2020-12-14 00:59:10
[SECURITY] Fedora 33 Update: php-wikimedia-assert-0.5.0-1.fc33
2020-12-14 00:59:10
openvas
openvas
Fedora: Security Advisory for php-wikimedia-assert (FEDORA-2020-a4802c53d9)
2020-12-14 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2020-a4802c53d9)
2020-12-14 00:00:00
Fedora: Security Advisory for php-oojs-oojs-ui (FEDORA-2020-a4802c53d9)
2020-12-14 00:00:00
nessus
nessus