Description

Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

Remediation

References

CVE-2019-12473

Related Vulnerabilities

WordPress Plugin oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)

Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)

Java Unspesificed Vulnerability (CVE-2019-2816)

WordPress Plugin Export User Data Cross-Site Scripting (1.3.1)

WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (6.4.2)

Severity

High

Classification

CVE-2019-12473 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities