CVE-2022-28204

HIGH7.5EPSS 0.38%

Published: 3/6/2024Modified: 4/3/2025

Description

A denial-of-service issue was discovered in MediaWiki 1.37.x before 1.37.2. Rendering of w/index.php?title=Special%3AWhatLinksHere&target=Property%3AP31&namespace=1&invert=1 can take more than thirty seconds. There is a DDoS risk.

Affected packages (1)

Bitnami/mediawiki>= 1.37.0, < 1.37.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References (2)

WEBhttps://nvd.nist.gov/vuln/detail/CVE-2022-28204
WEBhttps://phabricator.wikimedia.org/T297754