An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions.
References
Link | Resource |
---|---|
https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3 | Patch Vendor Advisory |
https://phabricator.wikimedia.org/T286884 | Permissions Required Vendor Advisory |
Configurations
History
30 Sep 2022, 16:58
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3 - Patch, Vendor Advisory | |
References | (MISC) https://phabricator.wikimedia.org/T286884 - Permissions Required, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo | |
First Time |
Mediawiki mediawiki
Mediawiki |
29 Sep 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-29 03:15
Updated : 2023-12-10 14:35
NVD link : CVE-2021-42049
Mitre link : CVE-2021-42049
CVE.ORG link : CVE-2021-42049
JSON object : View
Products Affected
mediawiki
- mediawiki
CWE