CVE-2021-41801
Published: 11 October 2021
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is blocked after submitting a replace job, the job is still run, even if it may be run at a later time (due to the job queue backlog)
Priority
CVSS 3 base score: 8.8