---

CVE-2021-35197 - log back

CVE-2021-35197 edited at 24 Jun 2021 15:03:47
References	https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/YR3X4L2CPSEJVSY543AWEO65TD6APXHP/ https://phabricator.wikimedia.org/T280226 - https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.patch.gz + https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/7fc84bbd23c1205e13c7a8332ab39e6ff52ca107%5E%21/

CVE-2021-35197 edited at 23 Jun 2021 16:38:29
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Access restriction bypass
Description	+ A security issue has been found in MediaWiki before version 1.36.1 that allows blocked users to purge pages.
References	+ https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/YR3X4L2CPSEJVSY543AWEO65TD6APXHP/ + https://phabricator.wikimedia.org/T280226 + https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.patch.gz
Notes

CVE-2021-35197 created at 23 Jun 2021 16:28:36