Description

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.

Remediation

References

CVE-2015-8003

Related Vulnerabilities

WordPress Plugin Image Rotator Cross-Site Scripting (1.0)

WordPress Plugin Fusion Engage Local File Disclosure (1.0.5)

PHP Out-of-bounds Read Vulnerability (CVE-2019-11046)

Moodle Other Vulnerability (CVE-2019-10154)

ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-2039)

Severity

Medium

Classification

CVE-2015-8003

Tags

Missing Update Known Vulnerabilities