CVE-2022-24813

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions CreateWiki (affected versions not specified)

Description CreateWiki is Miraheze's MediaWiki extension for requesting and creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available in the master branch of CreateWiki's GitHub repository.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Authentication Bypass Using an Alternate Path or Channel

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-288CWE-287

Related Identifiers

CVE-2022-24813

GHSA-9XVW-W66V-PRVG

Affected Products

Createwiki

CVE-2022-24813

Weakness Enumeration

Related Identifiers

Affected Products

References · 8