2021-07-02 13:01:13
mitre
PUBLISHED
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special:GlobalRenameRequest page is vulnerable to infinite loops and denial of service attacks when a users current username is beyond an arbitrary maximum configuration value (MaxNameChars).