← Back

CVE-2021-44856

nvd nist
Published: Dec 26, 2022Modified: Apr 14, 2025

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. A title blocked by AbuseFilter can be created via Special:ChangeContentModel due to the mishandling of the EditFilterMergedContent hook return value.

Affected (6)

Products: Mediawiki: Mediawiki
Mediawiki
1 product
Mediawiki
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Mediawiki
Mediawiki
Before 1.35.5
Mediawiki
From 1.36.0 to 1.36.3
Mediawiki
Version 1.37.0
Mediawiki
Version 1.37.0 rc0
Mediawiki
Version 1.37.0 rc1
Mediawiki
Version 1.37.0 rc2

Related CWEs

CWE-754
Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (4)

Source: cve@mitre.org
Issue TrackingPatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.