Xzonn

**Name of the Vulnerable Software and Affected Versions** MediaWiki versions 1.31.12 and earlier MediaWiki versions 1.32.x through 1.35.x before 1.35.2 **Description** The issue is related to the ContentModelChange function in MediaWiki, which lacks proper authorization. This allows a remote attacker to potentially impact the integrity of protected information by creating and setting the content model of a nonexistent page without correct permissions. **Recommendations** For MediaWiki versions 1.31.12 and earlier, update to version 1.31.12 or later. For MediaWiki versions 1.32.x through 1.35.x before 1.35.2, update to version 1.35.2 or later. As a temporary workaround, consider restricting access to the ContentModelChange function to minimize the risk of exploitation.