Description
An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions.
References (2)
Core 2
Core References
Permissions Required, Vendor Advisory x_refsource_misc
https://phabricator.wikimedia.org/T286884
Patch, Vendor Advisory x_refsource_misc
https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3
Scores
CVSS v3
6.5
EPSS
0.0033
EPSS Percentile
56.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (1)
mediawiki/mediawiki
< 1.36.2
Published
Sep 29, 2022
Tracked Since
Feb 18, 2026