4 matches found
EUVD-2022-5220
Malicious code in bioql PyPI...
A vulnerability in the OATHAuth extension of MediaWiki, a software platform for implementing a hypertext environment, allows an attacker to circumvent existing security restrictions through brute-force attacks.
The vulnerability in the OATHAuth extension of MediaWiki, a software platform for implementing a hypertext environment, stems from insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to circumvent existing security measures through...
GHSA-RQVJ-FC2X-99Q6 OATHAuth extension in MediaWiki is not implementing rate limit
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3. For Wikis using OATHAuth on a farm/cluster such as via CentralAuth, rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across ma...
PT-2020-6813 · Oathauth +3
Name of the Vulnerable Software and Affected Versions:
MediaWiki versions prior to 1.31.10
MediaWiki versions 1.32.x through 1.34.x before 1.34.4

Description:
The issue is related to insufficient restriction of authentication attempts in the OATHAuth extension for MediaWiki. This can be exploited...