Description

The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to cause a denial of service (infinite loop) via certain input, as demonstrated by the padleft function.

Remediation

References

CVE-2012-4885

Related Vulnerabilities

Oracle Database Server CVE-2015-2586 Vulnerability (CVE-2015-2586)

Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358)

Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)

WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)

WordPress Plugin WP-Polls Cross-Site Scripting (2.73)

Severity

Medium

Classification

CVE-2012-4885

Tags

Missing Update Known Vulnerabilities