CVE-2023-45367

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 09/10/2023 Updated: 12/10/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

An issue exists in the CheckUser extension for MediaWiki prior to 1.35.12, 1.36.x up to and including 1.39.x prior to 1.39.5, and 1.40.x prior to 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cu_useragent_clienthints, leading to a denial of service.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mediawiki mediawiki 1.40.0
mediawiki mediawiki

NVD-CWE-noinfo https://phabricator.wikimedia.org/T344923 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-45367

Vulnerability Summary

References

Vulmon Search

About

Products

Connect