MH-WikiBot Access Control Error Vulnerability

MH-WikiBot is a content management system. An access control error vulnerability exists in MH-WikiBot. The vulnerability arises from a network system or product that does not properly restrict access to resources from unauthorized roles. No detailed vulnerability details are available at this tim...

CVE-2020-5302

MH-WikiBot an IRC Bot for interacting with the Miraheze API, had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. The issue has been fixed in...

CVE-2020-5302

MH-WikiBot an IRC Bot for interacting with the Miraheze API, had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. The issue has been fixed in...

Design/Logic Flaw

MH-WikiBot an IRC Bot for interacting with the Miraheze API, had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. The issue has been fixed in...

CVE-2020-5302 unprivileged user can access priviledged action in MH-WikiBot

MH-WikiBot an IRC Bot for interacting with the Miraheze API, had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. The issue has been fixed in...

CVE-2020-5302

MH-WikiBot (an IRC bot) suffered an access-control vulnerability: unprivileged users could invoke steward commands by impersonating a privileged user’s nickname on the IRC interface due to a missing login verification. The issue has been fixed in commit 23d9d5b0a59667a5d6816fdabb960b537a5f9ed1. T...