MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.

| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| mediawiki/core (Packagist) | 1.31.0 | 1.31.6 | N/A |
| mediawiki/core (Packagist) | 1.32.0 | 1.32.6 | N/A |
| mediawiki/core (Packagist) | 1.33.0 | 1.33.2 | N/A |
| mediawiki/core (Packagist) | 1.33.99 | 1.34.0 | N/A |