An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Mediawiki |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-41206 | An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 27 Nov 2024 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-326 | |
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-11-27T18:47:20.839Z
Reserved: 2023-06-30T00:00:00
Link: CVE-2023-37301
Vulnrichment
Updated: 2024-08-02T17:09:34.087Z
NVD
Status : Modified
Published: 2023-06-30T17:15:09.527
Modified: 2024-11-27T19:15:31.957
Link: CVE-2023-37301
Redhat
No data.
OpenCVE Enrichment
No data.