Lucene search
Veracode Vulnerability DatabaseVERACODE:20771HistoryJul 11, 2019 - 5:54 a.m.
Authorization Bypass
2019-07-1105:54:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.002 Low
EPSS
Percentile
51.8%
mediawiki/core is vulnerable to authorization bypass. The vulnerability exists as the userCan function in includes/logging/LogEventsList.php does not properly check the user’s permissions for the action.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mediawiki/core | le | 1.31.1 | |
| mediawiki/core | le | 1.32.1 | |
| mediawiki/core | le | 1.30.1 | |
| mediawiki/core | le | 1.27.5 | |
| mediawiki:eoan | eq | 1:1.31.2-1ubuntu1 |
Related
osv
osv
CVE-2019-12470
2019-07-10 17:15:12
mediawiki - security update
2019-06-12 00:00:00
github
github
Wikimedia MediaWik exposed suppressed log in RevisionDelete page
2022-05-24 16:49:58
cvelist
cvelist
CVE-2019-12470
2019-07-10 16:04:55
cve
cve
CVE-2019-12470
2019-07-10 17:15:12
debiancve
debiancve
CVE-2019-12470
2019-07-10 17:15:12
nvd
nvd
CVE-2019-12470
2019-07-10 17:15:12
ubuntucve
ubuntucve
CVE-2019-12470
2019-07-10 00:00:00
prion
prion
Improper access control
2019-07-10 17:15:00
friendsofphp
friendsofphp
Exposed suppressed log in RevisionDelete page
2019-05-30 20:55:14
openvas
openvas
MediaWiki <= 1.32.1 Multiple Vulnerabilities - Windows
2019-07-16 00:00:00
MediaWiki <= 1.32.1 Multiple Vulnerabilities - Linux
2019-07-16 00:00:00
Debian: Security Advisory (DSA-4460-1)
2019-06-13 00:00:00
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2019-04-23 00:00:00
debian
debian
[SECURITY] [DSA 4460-1] mediawiki security update
2019-06-11 22:27:04
nessus
nessus
FreeBSD : mediawiki -- multiple vulnerabilities (3c5a4fe0-9ebb-11e9-9169-fcaa147e860e)
2019-07-05 00:00:00
Debian DSA-4460-1 : mediawiki - security update
2019-06-13 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2019-09-15 17:45:31
altlinux
altlinux
Security fix for the ALT Linux 9 package mediawiki version 1.32.2-alt1
2019-06-13 00:00:00