CVE-2013-2114

EPSS 1.4%

發布日:2013/11/18修改日:2026/4/28

描述

Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.

受影響套件(1)

Debian/mediawikifrom 0, < 1:1.19.7+dfsg-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-2114