Description
An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the cu_log database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could turn off Special:CheckUserLog and thus interfere with usage tracking.
Remediation
References
Related Vulnerabilities
MySQL CVE-2014-2436 Vulnerability (CVE-2014-2436)
WordPress Plugin WP-Cumulus 'tagcloud.swf' Cross-Site Scripting (1.22)
WordPress Plugin Animal Captcha Cross-Site Scripting (1.6.2)
WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3)
WordPress Plugin WPQA-Builder forms Addon For WordPress Insecure Direct Object Reference (5.9.2)