Description
Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
Remediation
References
Related Vulnerabilities
Python Improper Input Validation Vulnerability (CVE-2023-27043)
WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Request Forgery (3.01)
WordPress Plugin Mobile blocks Security Bypass (1.0)
Drupal Core 9.0.x Security Bypass (9.0.0 - 9.0.5)
WordPress Plugin Zephyr Project Manager Multiple Vulnerabilities (3.2.42)