AVG-2434 log

Package mediawiki
Status Fixed
Severity Medium
Type multiple issues
Affected 1.36.1-1
Fixed 1.36.2-1
Current 1.38.2-1 [community]
Ticket None
Created Thu Sep 30 21:24:54 2021
Issue Severity Remote Type Description
CVE-2021-41801 Medium Yes Access restriction bypass
A security issue has been found in MediaWiki before version 1.36.2. ReplaceText continues performing actions if the user no longer has the correct...
CVE-2021-41800 Medium Yes Denial of service
A denial of service vulnerability in Special:Contributions has been found in MediaWiki before version 1.36.2.
CVE-2021-41799 Medium Yes Denial of service
A security issue has been found in MediaWiki before version 1.36.2. ApiQueryBacklinks can cause a full table scan, leading to high resource consumption.
CVE-2021-41798 Medium Yes Cross-site scripting
A cross-site scripting vulnerability in Special:Search has been found in MediaWiki before version 1.36.2.