Mediawiki · Mediawiki Semanticdrilldown Extension · CVE-2022-29904
**Name of the Vulnerable Software and Affected Versions**
MediaWiki SemanticDrilldown extension versions through 1.37.2
**Description**
The issue allows SQL injection with certain '-' and ' ' constraints.
**Recommendations**
For MediaWiki SemanticDrilldown extension versions through 1.37.2, update to a version after the commit e688bdba6434591b5dff689a45e4d53459954773 to resolve the issue.