VYPR
Medium severity6.1NVD Advisory· Published Dec 11, 2019· Updated Jun 17, 2026

CVE-2019-19709

CVE-2019-19709

Description

MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, and using redirect=1 in the action API when editing that page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mediawiki/corePackagist
>= 1.31.0, < 1.31.61.31.6
mediawiki/corePackagist
>= 1.32.0, < 1.32.61.32.6
mediawiki/corePackagist
>= 1.33.0, < 1.33.21.33.2
mediawiki/corePackagist
>= 1.33.99, < 1.34.01.34.0

Affected products

2

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.