An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-20T00:00:00
Updated: 2023-09-15T20:06:47.791631
Reserved: 2023-06-26T00:00:00
Link: CVE-2023-36674
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-20T18:15:09.930
Modified: 2023-11-07T04:16:41.150
Link: CVE-2023-36674
JSON object: View
Redhat Information
No data.
CWE