CVE-2017-0370

Summary

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam blacklist is ineffective on encoded URLs inside file inclusion syntax's link parameter.

Affected Software

VendorProductVersion RangeStatus
mediawikimediawikin/aaffected

Weaknesses

  • blacklist ineffective on certain URLs

ADP Enrichment

CVE Program Container

Additional References

References