PT-2026-30980 · Mediawiki · Reportincident Extension+1
Dreamy_Jazz
+1
·
Published
2026-04-07
·
Updated
2026-04-07
·
CVE-2026-5762
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L |
Name of the Vulnerable Software and Affected Versions
MediaWiki - ReportIncident Extension versions 1.43.7, 1.44.4, and 1.45.2
Description
The ReportIncident Extension in MediaWiki is susceptible to HTTP Denial of Service (DoS) attacks due to unrestricted resource allocation and a lack of throttling. This allows an attacker to exhaust server resources by sending a large number of HTTP requests.
Recommendations
Update to a newer version of the ReportIncident Extension that addresses this resource allocation issue.
Update to a newer version of MediaWiki that addresses this resource allocation issue.
Fix
DoS
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mediawiki
Reportincident Extension