Description
An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future.
Remediation
References
Related Vulnerabilities
WordPress Plugin typofr Cross-Site Scripting (0.11)
PHP Other Vulnerability (CVE-2015-6836)
WordPress Plugin Klaviyo Cross-Site Scripting (3.0.9)
WordPress Plugin PI Button includes Backdoor [Only if downloaded via the vendor website] (3.3.3)
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-33320)