Unrestricted Item Merge Vulnerability in Wikibase Extension

Unrestricted Item Merge Vulnerability in Wikibase Extension

CVE-2023-45371 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items.

Learn more about our Web Application Penetration Testing UK.