Description
MediaWiki v1.40.0 does not validate the namespaces used in uploaded XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can exploit this to become an administrator by sending a malicious link to the instance administrator.
References (5)
Exploit, Third Party Advisory: https://fluidattacks.com/advisories/blondie/
Mailing List, Third Party Advisory: https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html
Third Party Advisory: https://www.debian.org/security/2023/dsa-5520
Mailing List, Third Party Advisory: https://lists.fedoraproject.org/archives/list/[email protected]/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY/
Scores
CVSS v3: 7.3
EPSS: 0.0019
EPSS Percentile: 39.8%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
CISA SSVC (Vulnrichment):
Exploitation: poc
Automatable: no
Technical Impact: total
Details
CWE: CWE-79
Status: published
Products (4)
debian/debian_linux 10.0
debian/debian_linux 11.0
mediawiki/core (Packagist)
mediawiki/mediawiki 1.40.0
Published: Sep 25, 2023
Tracked Since: Feb 18, 2026