Description
The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user.
Remediation
References
Related Vulnerabilities
WordPress Plugin PowerPack Lite for Beaver Builder Cross-Site Scripting (1.2.9.2)
MySQL CVE-2021-2016 Vulnerability (CVE-2021-2016)
Artifactory Insufficient Verification of Data Authenticity Vulnerability (CVE-2018-19971)
FluxBB Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2020-28873)