Lucene search
K

6 matches found

Cvelist
Cvelist
added 2024/03/28 1:43 p.m.21 views

CVE-2024-29898 Oversight in fix for GHSA-4rcf-3cj2-46mq may have exposed suppressed wiki requests on private wikis

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. An oversight during the writing of the patch for CVE-2024-29897 may have exposed suppressed wiki requests to private wikis that added Special:RequestWikiQueue to the read whitelist to users without the read permission...

4.9CVSS5.2AI score0.00691EPSS
Exploits0References3
CVE
CVE
added 2024/03/28 1:43 p.m.76 views

CVE-2024-29898

The CVE-2024-29898 entry concerns Miraheze’s CreateWiki (MediaWiki extension). Affected behavior: during patching for CVE-2024-29897, an oversight could cause suppressed wiki requests listed on Special:RequestWikiQueue to be accessible to users on private wikis who had the (read) permission not r...

6.5CVSS4.8AI score0.00708EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/03/28 1:43 p.m.32 views

CVE-2024-29898 Oversight in fix for GHSA-4rcf-3cj2-46mq may have exposed suppressed wiki requests on private wikis

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. An oversight during the writing of the patch for CVE-2024-29897 may have exposed suppressed wiki requests to private wikis that added Special:RequestWikiQueue to the read whitelist to users without the read permission...

4.9CVSS6.5AI score0.00691EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/28 1:40 p.m.13 views

CVE-2024-29897 CreateWiki Leak of suppressed wiki requests outside of `CreateWikiGlobalWiki`

CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users with delete or suppressrevision on any wiki in the farm to access suppressed wiki requests by going to the request's entry on Special:RequestWikiQueue on the wiki where they have these rights. T...

4.9CVSS7AI score0.00708EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/28 12:0 a.m.5 views

CreateWiki 安全漏洞

CreateWiki is Miraheze's MediaWiki extension for requesting and creating wikis. A security vulnerability exists in CreateWiki. An attacker can exploit this vulnerability to access suppressed wiki requests...

4.9CVSS6.5AI score0.00708EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/28 12:0 a.m.7 views

PT-2024-23118 · Mediawiki · Createwiki

Name of the Vulnerable Software and Affected Versions: CreateWiki versions prior to 23415c17ffb4832667c06abcf1eadadefd4c8937 Description: The issue affects CreateWiki, a MediaWiki extension used for requesting and creating wikis on Miraheze. Users with specific rights, such as delete or...

4.9CVSS7.2AI score0.00708EPSS
Exploits0References8
Rows per page
Query Builder