Description
An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36. If the MediaWiki:Abusefilter-blocker message is invalid within the content language, the filter user falls back to the English version, but that English version could also be invalid on a wiki. This would result in a fatal error, and potentially fail to block or restrict a potentially nefarious user.
Remediation
References
Related Vulnerabilities
WordPress Plugin IMPress for IDX Broker Multiple Vulnerabilities (2.6.1)
WordPress Plugin Multi Step Form Multiple Cross-Site Scripting Vulnerabilities (1.2.5)
WordPress Plugin WP Smart Image II Cross-Site Scripting (0.2)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129)