Rhinosf1

**Name of the Vulnerable Software and Affected Versions** Mediawiki - CSS Extension versions 1.39.X through 1.39.8 Mediawiki - CSS Extension versions 1.41.X through 1.41.2 Mediawiki - CSS Extension versions 1.42.X through 1.42.1 **Description** The issue is related to a Path Traversal vulnerability, which allows improper limitation of a pathname to a restricted directory. This vulnerability exists in The Wikimedia Foundation Mediawiki - CSS Extension, enabling Path Traversal. **Recommendations** For versions 1.39.X through 1.39.8, update to version 1.39.9 or later. For versions 1.41.X through 1.41.2, update to version 1.41.3 or later. For versions 1.42.X through 1.42.1, update to version 1.42.2 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.35.8 MediaWiki versions 1.36.x through 1.37.4 MediaWiki versions 1.38.x through 1.38.2 **Description** An issue was discovered in MediaWiki where HTMLUserTextField exposes the existence of hidden users. **Recommendations** For MediaWiki versions prior to 1.35.8, update to version 1.35.8 or later. For MediaWiki versions 1.36.x through 1.37.4, update to version 1.37.5 or later. For MediaWiki versions 1.38.x through 1.38.2, update to version 1.38.3 or later.

**Name of the Vulnerable Software and Affected Versions** MediaWiki CreateRedirect extension versions prior to 2022-04-14 **Description** The issue concerns the CreateRedirect extension for MediaWiki, where it fails to properly check user permissions for editing the target page. This could allow unauthorized or blocked users to edit pages they should not have access to. **Recommendations** For MediaWiki CreateRedirect extension versions prior to 2022-04-14, update to a version released after 2022-04-14 to resolve the issue. As a temporary workaround, consider restricting access to the extension's functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CreateWiki (affected versions not specified) **Description** CreateWiki is Miraheze's MediaWiki extension for requesting and creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available in the `master` branch of CreateWiki's GitHub repository. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions through 1.36.2 **Description** An issue was discovered in a parser function related to loop control, which allowed for an infinite loop and php-fpm hang within the Loops extension because `egLoopsCountLimit` is mishandled. This could lead to memory exhaustion. **Recommendations** For MediaWiki versions through 1.36.2, update to a version that properly handles `egLoopsCountLimit` to prevent infinite loops and potential memory exhaustion. As a temporary workaround, consider disabling the Loops extension until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GlobalNewFiles versions prior to 48be7adb70568e20e961ea1cb70904454a671b1d **Description** The issue is related to an uncontrolled resource consumption vulnerability in the GlobalNewFiles mediawiki extension. A large amount of page moves within a short space of time could overwhelm Database servers due to improper handling of load balancing and a lack of an appropriate index. **Recommendations** For versions prior to 48be7adb70568e20e961ea1cb70904454a671b1d, consider avoiding the use of the extension unless additional rate limits are enabled at the MediaWiki level or via PoolCounter / MySQL as a temporary workaround. Update to version 48be7adb70568e20e961ea1cb70904454a671b1d, which includes a patch for the vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions through 1.35.2 CommentBox extension for MediaWiki versions through 1.35.2 **Description** An issue was discovered that allows a malicious actor to introduce XSS payloads into various layers via crafted configuration variables. **Recommendations** For MediaWiki versions through 1.35.2, update to a version that contains a fix for this issue. For CommentBox extension for MediaWiki versions through 1.35.2, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** sopel-channelmgnt versions prior to 2.0.1 **Description** The issue concerns the sopel-channelmgnt plugin for sopel, where restrictions around the removal of the bot using the kick/kickban command could be bypassed on some IRC servers when kicking multiple users at once. It is also believed that it may have been possible to remove users from other channels, but due to the complexity of IRC and following RfCs, there is no proof of concept for this. Freenode is not affected. **Recommendations** As a temporary workaround, do not use this plugin on networks where TARGMAX > 1. Upgrade to version 2.0.1 or higher to fix the issue.

**Name of the Vulnerable Software and Affected Versions** MH-WikiBot (affected versions not specified) **Description** The issue allowed unprivileged users to access steward commands on the IRC interface by impersonating the nickname of a privileged user, as no login check was performed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.