Vulnerability Database

300,445

Total vulnerabilities in the database

CVE-2021-31554

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly handled account blocks for certain automatically created MediaWiki user accounts, thus allowing nefarious users to remain unblocked.

Published: Apr 22, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-31554
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 5.5
AV:N/AC:L/Au:S/C:P/I:P/A:N

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
mediawiki / mediawiki	-	1.35.2.x

https://gerrit.wikimedia.org/r/q/Ie1f4333d5b1c9d17fb2236fe38a31de427a4cc48
https://phabricator.wikimedia.org/T272244

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo