5 matches found
CVE-2024-29897
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users with delete or suppressrevision on any wiki in the farm to access suppressed wiki requests by going to the request's entry on Special:RequestWikiQueue on the wiki where they have these rights. T...
PT-2024-23118 · Mediawiki · Createwiki
Name of the Vulnerable Software and Affected Versions: CreateWiki versions prior to 23415c17ffb4832667c06abcf1eadadefd4c8937 Description: The issue affects CreateWiki, a MediaWiki extension used for requesting and creating wikis on Miraheze. Users with specific rights, such as delete or...
CVE-2016-6336
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete...
CVE-2016-6336
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete...
CVE-2016-6336
CVE-2016-6336 affects MediaWiki prior to versions 1.23.15, 1.26.x prior to 1.26.4, and 1.27.x prior to 1.27.1. The vulnerability allows remote authenticated users with undelete privileges to bypass suppressrevision/deleterevision restrictions and remove the revision deletion status of arbitrary f...