Skip to main content

Improper Control of a Resource Through its Lifetime

CVE-2021-42049

Severity Medium
Score 6.5/10

Summary

An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions. This vulnerability affects MediaWiki Translate extension versions prior to 2021.10.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-664 - Improper Control of a Resource Through its Lifetime

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

Advisory Timeline

  • Published