Anomie

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.23.x through 1.23.10 MediaWiki versions 1.24.x through 1.24.3 MediaWiki versions 1.25.x through 1.25.2 **Description** The issue allows remote authenticated users with the `viewsuppressed` user right to remove revision suppressions via a crafted `revisiondelete` action. This is due to improper access restriction to revisions. **Recommendations** For MediaWiki versions 1.23.x through 1.23.10, update to version 1.23.11 or later. For MediaWiki versions 1.24.x through 1.24.3, update to version 1.24.4 or later. For MediaWiki versions 1.25.x through 1.25.2, update to version 1.25.3 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.2x through 1.22.14 MediaWiki versions 1.23.x through 1.23.7 MediaWiki versions 1.24.x through 1.24.0 **Description** The issue allows remote attackers to bypass CORS restrictions in `$wgCrossSiteAJAXdomains` via a domain that has a partial match to an allowed origin. This can be demonstrated by using a domain such as "http://en.wikipedia.org.evilsite.example/." **Recommendations** For MediaWiki versions 1.2x through 1.22.14, update to version 1.22.15 or later. For MediaWiki versions 1.23.x through 1.23.7, update to version 1.23.8 or later. For MediaWiki versions 1.24.x through 1.24.0, update to version 1.24.1 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.19.10 MediaWiki versions 1.20.x MediaWiki versions 1.21.x prior to 1.21.4 MediaWiki versions 1.22.x prior to 1.22.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash due to a NULL pointer dereference. This can be achieved by converting specific Lua data structures to PHP, such as passing `{ [{}] = 1 }` to a module function. **Recommendations** For MediaWiki versions prior to 1.19.10, update to version 1.19.10 or later. For MediaWiki versions 1.20.x, update to version 1.21.4 or later, as 1.20.x is not directly patchable and has reached end-of-life. For MediaWiki versions 1.21.x prior to 1.21.4, update to version 1.21.4 or later. For MediaWiki versions 1.22.x prior to 1.22.1, update to version 1.22.1 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki CentralAuth extension versions 1.19.x through 1.19.7 MediaWiki CentralAuth extension versions 1.20.x through 1.20.6 MediaWiki CentralAuth extension versions 1.21.x through 1.21.1 **Description** The issue allows remote attackers to bypass authentication without a password by exploiting a caching mechanism in the CentralAuth extension. This occurs because a valid CentralAuthUser object is cached in the centralauth User cookie even when a user has not successfully logged in. **Recommendations** For MediaWiki CentralAuth extension versions 1.19.x through 1.19.7, update to version 1.19.8 or later. For MediaWiki CentralAuth extension versions 1.20.x through 1.20.6, update to version 1.20.7 or later. For MediaWiki CentralAuth extension versions 1.21.x through 1.21.1, update to version 1.21.2 or later.