CVE-2022-28206

CVE-2022-28206

EPSS 1.4%

An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidator.php in the FileImporter extension mishandles the check for edit rights.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gerrit.wikimedia.org/r/q/I84be9cd3639b8ab0e037a4ec2d3f2f478f0989c5 https://phabricator.wikimedia.org/T294256 https://security.gentoo.org/glsa/202305-24