MediaWiki Improper Privilege Management Vulnerability - CVE-2020-10534 - Vulnerability Database

MediaWiki Improper Privilege Management Vulnerability - CVE-2020-10534

Critical

Reference: CVE-2020-10534

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-10534

Title: MediaWiki Improper Privilege Management Vulnerability

Overview:

In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0 an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges one of which is locally disabled.