Description
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
Remediation
References
Related Vulnerabilities
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-2019)
Pega Infinity Improper Authentication Vulnerability (CVE-2023-32090)
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2024-21723)
Oracle JRE CVE-2026-21932 Vulnerability (CVE-2026-21932)
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)