Amandanp

**Name of the Vulnerable Software and Affected Versions** MediaWiki CheckUser extension versions through 1.39.3 **Description** An issue in the CheckUser extension for MediaWiki can cause denial of service when a user with checkuserlog permissions makes many CheckUserLog API requests in certain configurations, resulting in a RequestTimeoutException or upstream request timeout. **Recommendations** For versions through 1.39.3, consider restricting access to the CheckUserLog API endpoint to minimize the risk of denial of service attacks until a patch is available. As a temporary workaround, limiting the number of CheckUserLog API requests from users with checkuserlog permissions may also help mitigate the issue.