Description
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.
Remediation
References
Related Vulnerabilities
Apache Tomcat version older than 6.0.36
WordPress Plugin Eu Cookie Notice Cross-Site Request Forgery (1.0.6)
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
Perl Numeric Errors Vulnerability (CVE-2011-2939)
Nginx Improper Certificate Validation Vulnerability (CVE-2021-3618)