PT-2023-25894 · Mediawiki+1 · Mediawiki Checkuser Extension+1

Generalnotability

·

Publicado

2023-06-30

·

Atualizado

2024-11-27

·

CVE-2023-37303

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions CheckUser extension for MediaWiki versions through 1.39.3
Description An issue was discovered in certain situations where an attempt to block a user fails after a temporary browser hang and a DBQueryDisconnectedError error message.
Recommendations For CheckUser extension for MediaWiki versions through 1.39.3, update to a version later than 1.39.3 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this issue.

Exploit

Correção

Improper Check for Exceptional Conditions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-754

Identificadores relacionados

ALT-PU-2023-4877
ALT-PU-2024-11168
ALT-PU-2024-1228
BIT-MEDIAWIKI-2023-37303
CVE-2023-37303

Produtos afetados

Alt Linux
Mediawiki Checkuser Extension