John F. Lewis

1 exploit Active since Apr 2022
CVE-2022-24813 WRITEUP MEDIUM WRITEUP
CreateWiki < 2022-04-02 - Unauthenticated Anonymous Comment Posting via Special:RequestWikiQueue
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available in the `master` branch of CreateWiki's GitHub repository.
CVSS 5.3