Description
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.
Remediation
References
Related Vulnerabilities
Joomla Other Vulnerability (CVE-2006-4473)
WordPress Plugin Active Directory Authentication Integration Cross-Site Scripting (0.6)
WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.5)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3394)
WordPress Plugin WP e-Commerce-Store Toolkit Privilege Escalation (2.0)