Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
abusefilter vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-16528
An issue exists in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows malicious users to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
Mediawiki Abusefilter 1.32
Mediawiki Abusefilter 1.33
5.3
CVSSv3
CVE-2019-18612
An issue exists in the AbuseFilter extension up to and including 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information.
Mediawiki Abusefilter
5.3
CVSSv3
CVE-2019-18987
An issue exists in the AbuseFilter extension up to and including 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter...
Mediawiki Abusefilter
4.3
CVSSv3
CVE-2021-31547
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.
Mediawiki Mediawiki
6.5
CVSSv3
CVE-2021-31548
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
Mediawiki Mediawiki
4.3
CVSSv3
CVE-2021-31546
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.
Mediawiki Mediawiki
5.3
CVSSv3
CVE-2021-31545
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. The page_recent_contributors leaked the existence of certain deleted MediaWiki usernames, related to rev_deleted.
4.3
CVSSv3
CVE-2021-31549
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. The Special:AbuseFilter/examine form allowed for the disclosure of suppressed MediaWiki usernames to unprivileged users.
5.3
CVSSv3
CVE-2023-37301
An issue exists in SubmitEntityAction in Wikibase in MediaWiki up to and including 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
Mediawiki Mediawiki
5.4
CVSSv3
CVE-2021-31554
An issue exists in the AbuseFilter extension for MediaWiki up to and including 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked.
Mediawiki Mediawiki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »