Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2023-45372

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running (e.g., AbuseFilter).

  • Published: Oct 9, 2023
  • Updated: Oct 13, 2023
  • CVE: CVE-2023-45372
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

No CWE or OWASP classifications available.

Software From Fixed in
mediawiki / mediawiki 1.40.0 1.40.0.x
mediawiki / mediawiki - 1.35.12
mediawiki / mediawiki 1.36.0 1.39.5