CVE-2017-0370 - log back

CVE-2017-0370 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Insufficient validation
Description
+ The spam blacklist in MediaWiki before 1.28.1 could be bypassed by encoding URLs inside a file inclusion syntax's link parameter.
References
+ https://phabricator.wikimedia.org/T48143
+ https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
Notes