← voltar
CVE-2016-6336

CVE-2016-6336

EPSS 1.0%
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.redhat.com/show_bug.cgi?id=1369613https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.htmlhttps://phabricator.wikimedia.org/T132926