Description
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Blocked users are unable to use Special:ResetTokens. This has security relevance because a blocked user might have accidentally shared a token, or might know that a token has been compromised, and yet is not able to block any potential future use of the token by an unauthorized party.
Remediation
References
Related Vulnerabilities
WordPress Plugin LiteSpeed Cache Cross-Site Scripting (3.6)
MySQL CVE-2013-1521 Vulnerability (CVE-2013-1521)
MySQL CVE-2018-3187 Vulnerability (CVE-2018-3187)
LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604)
axios Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-1214)