Vulnerabilities > CVE-2021-30155 - Missing Authorization vulnerability in multiple products

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
mediawiki
debian
fedoraproject
CWE-862
NVD
Published: 2021-04-09
Updated: 2023-11-07

Summary

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.

Vulnerable Configurations

Part Description Count
Application
Mediawiki
373
OS
Debian
2
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)

References