The wikitext parser in MediaWiki 1.17.x prior to 1.17.3 and 1.18.x prior to 1.18.2 allows remote malicious users to cause a denial of service (infinite loop) via certain input, as demonstrated by the padleft function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.17.0 |
||
mediawiki mediawiki 1.17.1 |
||
mediawiki mediawiki 1.17.2 |
||
mediawiki mediawiki 1.17 |
||
mediawiki mediawiki 1.18.0 |
||
mediawiki mediawiki 1.18.1 |
||
mediawiki mediawiki 1.18 |