MediaWiki Incorrect Authorization Vulnerability - CVE-2021-41801 - Vulnerability Database

MediaWiki Incorrect Authorization Vulnerability - CVE-2021-41801

High

Reference: CVE-2021-41801

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-41801

Title: MediaWiki Incorrect Authorization Vulnerability

Overview:

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job the job is still run even if it may be run at a later time (due to the job queue backlog)