Description
An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cu_useragent_clienthints, leading to a denial of service.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Cross-Site Scripting (3.5.7)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-0231)
SugarCRM Other Vulnerability (CVE-2004-1225)
Magento CVE-2019-8122 Vulnerability (CVE-2019-8122)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.5.30)