Description
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter's length.
Remediation
References
Related Vulnerabilities
WordPress Plugin Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0)
Oracle JRE CVE-2014-2422 Vulnerability (CVE-2014-2422)
Open Resty Off-by-one Error Vulnerability (CVE-2021-23017)
PHP CVE-2007-4670 Vulnerability (CVE-2007-4670)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3586)