Description

In MediaWiki through 1.37, blocked IP addresses are allowed to edit EntitySchema items.

Remediation

References

CVE-2021-45471

Related Vulnerabilities

WordPress Plugin Auto ThickBox Plus Cross-Site Scripting (1.9)

WordPress Plugin Database for Contact Form 7, WPforms, Elementor forms Cross-Site Scripting (1.1.5)

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.6)

Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11)

WordPress Plugin More Fields Cross-Site Request Forgery (2.1)

Severity

Medium

Classification

CVE-2021-45471 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities