Security Advisory

CVE-2021-31553

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-22 02:29:31
Last updated 2024-08-03 23:03:33
Assigner mitre
State PUBLISHED

Description

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking.