IP Address Normalization Vulnerability in MediaWiki

IP Address Normalization Vulnerability in MediaWiki

CVE-2015-8627 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers to bypass intended access restrictions by using an IP address that was not supposed to have been allowed.

Learn more about our Web Application Penetration Testing UK.