Description
MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.
Remediation
References
Related Vulnerabilities
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.12)
SharePoint CVE-2018-8628 Vulnerability (CVE-2018-8628)
Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2025-43764)
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.3.12)
Jenkins Improper Handling of Inconsistent Structural Elements Vulnerability (CVE-2021-21640)