An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.
History

Wed, 27 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-326
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-06-30T00:00:00

Updated: 2024-11-27T18:47:20.839Z

Reserved: 2023-06-30T00:00:00

Link: CVE-2023-37301

cve-icon Vulnrichment

Updated: 2024-08-02T17:09:34.087Z

cve-icon NVD

Status : Modified

Published: 2023-06-30T17:15:09.527

Modified: 2024-11-27T19:15:31.957

Link: CVE-2023-37301

cve-icon Redhat

No data.