Description
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki user who is partially blocked or was unsuccessfully blocked could bypass AbuseFilter and have their edits completed.
Remediation
References
Related Vulnerabilities
WordPress Plugin Fourteen Extended Cross-Site Scripting (1.2.31)
WordPress Plugin underConstruction Cross-Site Scripting (1.18)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2865)
Joomla! Core Cross-Site Scripting (1.0.0 - 3.9.2)
IBM WebSEAL Missing Authorization Vulnerability (CVE-2019-4158)