Description
MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed.
Remediation
References
Related Vulnerabilities
Atlassian Jira Other Vulnerability (CVE-2007-6618)
Moodle Improper Input Validation Vulnerability (CVE-2011-4302)
PHP Improper Input Validation Vulnerability (CVE-2007-3998)
Python Improper Input Validation Vulnerability (CVE-2021-29921)
Nginx Integer Overflow or Wraparound Vulnerability (CVE-2017-7529)