CRITICAL🇵🇱 Wersja polska

CVE-2021-36128

CVSS 9.8v3.1pub. 2021-07-02upd. 2024-11-21

An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. Autoblocks for CentralAuth-issued suppression blocks are not properly implemented.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Mediawiki

    APP
    Mediawiki
    ≤ 1.36
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-34502CRITICAL9.8PL ✓ten sam produkt

CSRF w WikibaseLexeme (MediaWiki) — nieuprawnione scalanie leksemów

CVE-2023-37303CRITICAL9.8ten sam produkt

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In certain situations, an att...

CVE-2023-29141CRITICAL9.8ten sam produkt

An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1....

CVE-2022-29906CRITICAL9.8ten sam produkt

The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa1...

CVE-2022-29904CRITICAL9.8ten sam produkt

The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773)...