Description

MediaWiki user Marco discovered that security checks for file uploads were not being run when the file was uploaded in chunks through the API. This option has been available to users who can upload files since MediaWiki 1.19.

This issue was fixed in MediaWiki v1.20.6 and MediaWiki v1.19.7.

Remediation

Upgrade to the latest version of MediaWiki.

References

CVE-2013-2114

Related Vulnerabilities

WordPress Plugin PICA Photo Gallery 'picaPhotosResize.php' Arbitrary File Upload (1.0)

WordPress Plugin WP Cost Estimation & Payment Forms Builder Multiple Vulnerabilities (9.642)

WordPress Plugin Adning Advertising-Professional, All In One Ad Manager for Wordpress Arbitrary File Upload (1.5.5)

WordPress Plugin Templatic Tevolution Arbitrary File Upload (2.3.6)

WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.23)

Severity

High

Classification

CVE-2013-2114 CWE-434 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Abuse Of Functionality