MediaWiki Improper Privilege Management Vulnerability - CVE-2021-44857

An issue was discovered in MediaWiki before 1.35.5 1.36.x before 1.36.3 and 1.37.x before 1.37.1. It is possible to use actionmcrundo followed by actionmcrrestore to replace the content of any arbitrary page (that the user doesn39t have edit rights for). This applies to any public wiki or a private wiki that has at least one page set in wgWhitelistRead.