CVE-2021-31547

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-31547
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31547.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-31547
Aliases
Published
2021-04-22T03:15:08Z
Modified
2026-03-14T01:44:09.768718Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type
GIT
Repo
https://github.com/wikimedia/mediawiki
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e5823c068a2e0d8af72538fe5cd152ddb43c58e9
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.35.2"
        }
    ]
}

Affected versions

1.*
1.1.0
1.3.0beta1
1.35.0
1.35.0-rc.0
1.35.0-rc.1
1.35.0-rc.2
1.35.0-rc.3
1.35.1
1.35.2
1.5.0alpha1
1.5.0alpha2
1.5.0beta1
1.5.0beta2
1.5.0beta3
1.5.0beta4
1.6.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31547.json"