Back to search
CVE-2019-12467
Published: Jul 10, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3). A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-4460
vendor-advisory
x_refsource_DEBIAN
20190612 [SECURITY] [DSA 4460-1] mediawiki security update
mailing-list
x_refsource_BUGTRAQ
https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
x_refsource_CONFIRM
https://phabricator.wikimedia.org/T209794
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now