Description
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an upload restriction and a create restriction. An attacker cannot leverage this to overwrite anything, but can leverage this to force a wiki to have a page with a disallowed title.
Remediation
References
Related Vulnerabilities
WordPress Plugin Contact Form 7 Arbitrary File Upload (3.5.3)
WordPress Plugin Redirect 404 to parent Cross-Site Scripting (1.3.0)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2024-50305)
Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-41284)