PRIOn knowledge base, PRION:CVE-2023-36674
History: Aug 20, 2023 - 6:15 p.m.

Design/Logic Flaw

2023-08-20 18:15:00
PRIOn knowledge base
www.prio-n.com
mediawiki
bypassing
bad image list
manualthumb

AI Score: 5.7 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 20.7%)

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.