CVE-2021-31546

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-31546
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31546.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-31546
Aliases
Published
2021-04-22T03:15:07Z
Modified
2025-01-14T07:18:24.240714Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type
GIT
Repo
https://github.com/wikimedia/mediawiki
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e5823c068a2e0d8af72538fe5cd152ddb43c58e9

Affected versions

1.*

1.1.0
1.3.0beta1
1.35.0
1.35.0-rc.0
1.35.0-rc.1
1.35.0-rc.2
1.35.0-rc.3
1.35.1
1.35.2
1.5.0alpha1
1.5.0alpha2
1.5.0beta1
1.5.0beta2
1.5.0beta3
1.5.0beta4
1.6.0