An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur for an untrusted X-Forwarded-For header.
2023-03-31T19:15:07.540
2025-02-18T16:15:16.077
Modified
CVSSv3.1: 9.8 (CRITICAL)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | mediawiki | mediawiki | < 1.35.10 | Yes |
Application | mediawiki | mediawiki | < 1.38.6 | Yes |
Application | mediawiki | mediawiki | < 1.39.3 | Yes |
Operating System | fedoraproject | fedora | 37 | Yes |