3 matches found
CVE-2022-24813
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available in the master branch of CreateWiki's GitHub repository...
CVE-2022-24813 Authentication Bypass Using an Alternate Path or Channel in CreateWiki
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available in the master branch of CreateWiki's GitHub repository...
CVE-2022-24813
Affected software: CreateWiki, the Miraheze MediaWiki extension for requesting and creating wikis. Issue: anonymous comments can be submitted via POST to Special:RequestWikiQueue due to missing access control. Evidence in connected sources shows a patch exists in the master branch of CreateWiki's...