Your submission was sent successfully! Close

CVE-2021-30152

Published: 9 April 2021

An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.

Priority

Medium

CVSS 3 base score: 4.3

Status

Package Release Status
mediawiki
Launchpad, Ubuntu, Debian
bionic Needed

focal Needed

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Needed

jammy Needed

precise Does not exist

trusty Does not exist

upstream
Released (1:1.35.2-1)
xenial Does not exist