CVE-2016-6336
MEDIUM6.5EPSS 0.10%發布日:2017/4/20修改日:2026/4/28
也稱為:DEBIAN-CVE-2016-6336
描述
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete.
受影響套件(1)
- Debian/mediawikifrom 0, < 1:1.27.1-1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |