5 matches found
CVE-2021-41801
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...
Updated mediawiki packages fix security vulnerability
XSS vulnerability in Special:Search. CVE-2021-41798 ApiQueryBacklinks can cause a full table scan. CVE-2021-41799 Fix PoolCounter protection of Special:Contributions. CVE-2021-41800 ReplaceText continues performing actions if the user no longer has the correct permission such as by being blocked...
DEBIAN-CVE-2021-41801
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time due to the job queue backlog...
CVE-2021-41801
The CVE-2021-41801 issue affects MediaWiki's ReplaceText extension (up to v1.41) and causes Incorrect Access Control: after a user is blocked following a replace job submission, the queued job may still execute later. The Debian security advisory and related Nessus entries confirm this as a vulne...
FreeBSD : mediawiki -- multiple vulnerabilities (f84ab297-2285-11ec-9e79-08002789875b)
MediaWiki reports : T285515, CVE-2021-41798 SECURITY: XSS vulnerability in Special:Search. T290379, CVE-2021-41799 SECURITY: ApiQueryBacklinks can cause a full table scan. T284419, CVE-2021-41800 SECURITY: fix PoolCounter protection of Special:Contributions. T279090, CVE-2021-41801 SECURITY:...