Unrated severityNVD Advisory· Published Apr 22, 2021· Updated Aug 3, 2024
CVE-2021-31552
CVE-2021-31552
Description
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly executed certain rules related to blocking accounts after account creation. Such rules would allow for user accounts to be created while blocking only the IP address used to create an account (and not the user account itself). Such rules could also be used by a nefarious, unprivileged user to catalog and enumerate any number of IP addresses related to these account creations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- MediaWiki/AbuseFilter extensiondescription
- Range: <=1.35.2
Patches
Vulnerability mechanics
References
2- gerrit.wikimedia.org/r/q/I8bae477ad7e4d0190335363ac2decf28e4313da1mitrex_refsource_MISC
- phabricator.wikimedia.org/T152394mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.