Description
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-2776 Vulnerability (CVE-2018-2776)
CherryPy Other Vulnerability (CVE-2006-0847)
WordPress Plugin Redirection 'id' Parameter Cross-Site Scripting (2.2.8)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-7572)
silverstripeCMS Improper Input Validation Vulnerability (CVE-2011-4962)