Description
MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2, when using HHVM or Zend PHP, allows remote attackers to cause a denial of service ("quadratic blowup" and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, a different vulnerability than CVE-2015-2942.
Remediation
References
Related Vulnerabilities
WordPress Plugin Newsletters Multiple Vulnerabilities (4.6.5.3)
Drupal Inefficient Regular Expression Complexity Vulnerability (CVE-2022-24729)
Envoy Proxy CVE-2019-18802 Vulnerability (CVE-2019-18802)
WordPress Plugin Limit Attempts by BestWebSoft Multiple Vulnerabilities (1.0.3)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-11127)