PT-2023-18772 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.9 MediaWiki versions 1.36.x through 1.38.x before 1.38.5 MediaWiki versions 1.39.x before 1.39.1 Description: An issue was discovered in MediaWiki where the CheckUser TokenManager insecurely uses AES-CTR...