CVE-2022-28209

CVE-2022-28209

EPSS 1.3%

An issue was discovered in Mediawiki through 1.37.1. The check for the override-antispoof permission in the AntiSpoof extension is incorrect.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gerrit.wikimedia.org/r/q/Id8c4e2e336695ce70ccdf8a51ad729bf4a99f8f7 https://phabricator.wikimedia.org/T304126 https://security.gentoo.org/glsa/202305-24