Description
An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations (specifically file uploads) that they should not be allowed to perform.
Remediation
References