Lucene search
GoogleOSV:CVE-2023-22945HistoryJan 11, 2023 - 1:15 a.m.
CVE-2023-22945
2023-01-1101:15:10
Google
osv.dev
6
mediawiki
growthexperiments
api
blocked users
mentorship properties
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
28.7%
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
Related
redhatcve
redhatcve
CVE-2023-22945
2023-01-16 09:06:29
cve
cve
CVE-2023-22945
2023-01-11 01:15:10
osv
osv
BIT-mediawiki-2023-22945
2024-03-06 11:02:34
nvd
nvd
CVE-2023-22945
2023-01-11 01:15:10
cnvd
cnvd
MediaWiki authorization error vulnerability (CNVD-2023-29701)
2023-04-14 00:00:00
cvelist
cvelist
CVE-2023-22945
2023-01-11 00:00:00
prion
prion
Sql injection
2023-01-11 01:15:00
nessus
nessus
Fedora 37 : mediawiki (2023-30a7a812f0)
2023-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: mediawiki-1.38.5-1.fc37
2023-01-27 08:58:39
openvas
openvas
Fedora: Security Advisory for mediawiki (FEDORA-2023-30a7a812f0)
2023-01-29 00:00:00
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
28.7%
Related for OSV:CVE-2023-22945