Cptviraj

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.34.4 FileImporter extension for MediaWiki versions prior to 1.34.4 **Description** An issue in the FileImporter extension allows an attacker to import a file into a protected page, bypassing "page creation" restrictions. This occurs due to a mishandled distinction between upload and create restrictions. The attacker cannot overwrite existing content but can force a wiki to have a page with a disallowed title. **Recommendations** For MediaWiki versions prior to 1.34.4, update to version 1.34.4 or later to resolve the issue. For the FileImporter extension, update to a version compatible with MediaWiki 1.34.4 or later to fix the problem.