CVE-2022-41767

描述

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when doing a range lookup.

受影響套件(2)

• Bitnami/mediawikifrom 0, < 1.35.8, >= 1.36.0, < 1.37.5, >= 1.38.0, < 1.38.3
• Debian/mediawikifrom 0, < 1:1.35.8-1~deb11u1

CVSS 分數

參考連結(4)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-41767
• WEBhttps://nvd.nist.gov/vuln/detail/CVE-2022-41767
• WEBhttps://phabricator.wikimedia.org/T316304
• WEBhttps://security.gentoo.org/glsa/202305-24