FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mediawiki -- multiple vulnerabilities

Affected packages
mediawiki135 < 1.35.8
mediawiki137 < 1.37.6
mediawiki138 < 1.38.4

Details

VuXML ID 67057b48-41f4-11ed-86c3-080027881239
Discovery 2022-09-29
Entry 2022-10-02

Mediawiki reports:

(T316304, CVE-2022-41767) SECURITY: reassignEdits doesn't update results in an IP range check on Special:Contributions..

(T309894, CVE-2022-41765) SECURITY: HTMLUserTextField exposes existence of hidden users.

(T307278, CVE-2022-41766) SECURITY: On action=rollback the message "alreadyrolled" can leak revision deleted user name.

[source]

References

CVE Name CVE-2022-41765
CVE Name CVE-2022-41766
CVE Name CVE-2022-41767
URL https://lists.wikimedia.org/hyperkitty/list/[email protected]/message/SPYFDCGZE7KJNO73ET7QVSUXMHXVRFTE/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.

OSZAR »