CVE-2018-0503 log

Source
Severity Low
Remote Yes
Type Access restriction bypass
Description
A security issue has been found in the rate limiting feature of mediawiki < 1.31.1 where, contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.
Group Package Affected Fixed Severity Status Ticket
AVG-765 mediawiki 1.31.0-1 1.31.1-1 Medium Fixed
Date Advisory Group Package Severity Type
25 Sep 2018 ASA-201809-5 AVG-765 mediawiki Medium multiple issues
References
https://phabricator.wikimedia.org/T169545
https://github.com/wikimedia/mediawiki/commit/befd48c5f7d3d073de96c87375d7380f6187deb6