Mediawiki · Mediawiki · CVE-2020-27621
**Name of the Vulnerable Software and Affected Versions**
MediaWiki versions prior to 1.35.0
**Description**
The issue concerns the FileImporter extension, which failed to properly attribute user actions to a specific user's IP address. It would report the IP address of an internal server instead, by omitting X-Forwarded-For data, resulting in an inability to properly audit and attribute user actions performed via the FileImporter extension.
**Recommendations**
For versions prior to 1.35.0, update to version 1.35.0 or later to resolve the issue.