An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.
Metrics
Affected Vendors & Products
References
History
Tue, 08 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-20 | |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-20T00:00:00
Updated: 2024-10-08T14:27:38.887Z
Reserved: 2023-06-26T00:00:00
Link: CVE-2023-36674
Vulnrichment
Updated: 2024-08-02T16:52:54.118Z
NVD
Status : Modified
Published: 2023-08-20T18:15:09.930
Modified: 2024-10-08T15:35:09.850
Link: CVE-2023-36674
Redhat