CVE-2024-34502

Published: 2024-05-05T19:15Z

Last Modified: 2024-11-21T09:18Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in WikibaseLexeme in MediaWiki before 1.39.6, 1.40.x before 1.40.2, and 1.41.x before 1.41.1. Loading Special:MergeLexemes will (attempt to) make an edit that merges the from-id to the to-id, even if the request was not a POST request, and even if it does not contain an edit token. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt