Red Hat Bugzilla – Bug 1569804
CVE-2017-0370 mediawiki: Improper URL sanitization in Spam blacklist
Last modified: 2018-06-29 18:37:21 EDT
A flaw was found in Mediawiki before 1.28.1 / 1.27.2 / 1.23.16. Affected versions contains a flaw were Spam blacklist is ineffective on encoded URLs inside file inclusion syntax's link parameter. References: https://phabricator.wikimedia.org/T48143 https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
Created mediawiki123 tracking bugs for this issue: Affects: epel-7 [bug 1569740]