Vulnerabilities (CVE)

Filtered by vendor Mediawiki Subscribe
Filtered by product Createredirect
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-29547 1 Mediawiki 1 Createredirect 2024-11-21 5.0 MEDIUM 7.5 HIGH
The CreateRedirect extension before 2022-04-14 for MediaWiki does not properly check whether the user has permissions to edit the target page. This could lead to an unauthorised (or blocked) user being able to edit a page.