Sensitive Suppression Deletion Logging Vulnerability in AbuseFilter Extension

CVE-2021-31546 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.

Learn more about our User Device Pen Test.