← Back to CVE List

CVE-2023-36674

Published: 2023-08-20T18:15Z
Last Modified: 2024-11-21T08:10Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt