CVE-2024-29897

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users with delete or suppressrevision on any wiki in the farm to access suppressed wiki requests by going to the request's entry on Special:RequestWikiQueue on the wiki where they have these rights. T...

PT-2024-32813 · Mediawiki · Createwiki

Name of the Vulnerable Software and Affected Versions: CreateWiki affected versions not specified Description: The issue concerns the CreateWiki extension used for requesting and creating wikis, where the name of requested wikis is not properly escaped on the Special:RequestWikiQueue page. This...

PT-2022-16893 · Miraheze · Createwiki

Name of the Vulnerable Software and Affected Versions: CreateWiki affected versions not specified Description: CreateWiki is Miraheze's MediaWiki extension for requesting and creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent...

CreateWiki 授权问题漏洞

CreateWiki is Miraheze's MediaWiki extension for requesting and creating wikis. A security vulnerability exists in CreateWiki that stems from the ability to use Special:RequestWikiQueue for anonymous comments when sent directly via POST...