Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MediaWiki Improper Access Control Vulnerability - CVE-2016-6336 - Vulnerability Database
MediaWiki

MediaWiki Improper Access Control Vulnerability - CVE-2016-6336

Medium
Reference: CVE-2016-6336
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-6336
Title: MediaWiki Improper Access Control Vulnerability
Overview:

MediaWiki before 1.23.15 1.26.x before 1.26.4 and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete.