Security Advisory

CVE-2023-36674

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-20 00:00:00

Last updated 2024-10-08 14:27:38

Assigner mitre

State PUBLISHED

Description

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.

← Browse all CVEs View on cve.org ↗