CVE-2021-44856

CVSS v3.1 5.3 (Medium)

EPSS 0.08 % (34^th)

Affected Products 1

Advisories 4

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A title blocked by AbuseFilter can be created via Special:ChangeContentModel due to the mishandling of the EditFilterMergedContent hook return value.

Weaknesses

CWE-754: Improper Check for Unusual or Exceptional Conditions

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2022-12-26 06:15:10
(21 months ago)
Updated Date: 2023-05-21 22:15:11
(16 months ago)

Affected Products

Mediawiki

Mediawiki

Configuration #1

	CPE23	From	Up To
Mediawiki prior 1.35.5 version	cpe:2.3:a:mediawiki:mediawiki		< 1.35.5
Mediawiki from 1.36.0 version and prior 1.36.3 version	cpe:2.3:a:mediawiki:mediawiki	>= 1.36.0	< 1.36.3
Mediawiki 1.37.0	cpe:2.3:a:mediawiki:mediawiki:1.37.0:-
Mediawiki 1.37.0 Rc0	cpe:2.3:a:mediawiki:mediawiki:1.37.0:rc0
Mediawiki 1.37.0 Rc1	cpe:2.3:a:mediawiki:mediawiki:1.37.0:rc1
Mediawiki 1.37.0 Rc2	cpe:2.3:a:mediawiki:mediawiki:1.37.0:rc2