Description

An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions.

Remediation

References

CVE-2021-42049

Related Vulnerabilities

WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.7)

WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.11)

WordPress Plugin Digital River Global Commerce Supply Chain Attack [Polyfill.io] (2.0.2)

MySQL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2012-2102)

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-0362)

Severity

Medium

Classification

CVE-2021-42049 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities