CVE-2022-28205

CVE-2022-28205

EPSS 1.4%

An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gerrit.wikimedia.org/r/q/Ic6ba1a37b78df5b342ceeba4c1493dbde583b81f https://phabricator.wikimedia.org/T302248 https://security.gentoo.org/glsa/202305-24