Vituzzu

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions prior to 1.23.12 MediaWiki versions 1.24.x prior to 1.24.5 MediaWiki versions 1.25.x prior to 1.25.4 MediaWiki versions 1.26.x prior to 1.26.1 **Description** The issue arises from the improper normalization of IP addresses containing zero-padded octets. This could potentially allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed. **Recommendations** For MediaWiki versions prior to 1.23.12, update to version 1.23.12 or later. For MediaWiki versions 1.24.x prior to 1.24.5, update to version 1.24.5 or later. For MediaWiki versions 1.25.x prior to 1.25.4, update to version 1.25.4 or later. For MediaWiki versions 1.26.x prior to 1.26.1, update to version 1.26.1 or later.