CVE Vulnerabilities

CVE-2022-41767

Published: Dec 26, 2022 | Modified: Apr 14, 2025
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM
root.io minimus.io echohq.com

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. When changes made by an IP address are reassigned to a user (using reassignEdits.php), the changes will still be attributed to the IP address on Special:Contributions when doing a range lookup.

Affected Software

Name Vendor Start Version End Version
Mediawiki Mediawiki * 1.35.8 (excluding)
Mediawiki Mediawiki 1.36.0 (including) 1.37.5 (excluding)
Mediawiki Mediawiki 1.38.0 (including) 1.38.3 (excluding)
Mediawiki Ubuntu bionic *
Mediawiki Ubuntu focal *
Mediawiki Ubuntu kinetic *
Mediawiki Ubuntu lunar *
Mediawiki Ubuntu mantic *
Mediawiki Ubuntu trusty *
Mediawiki Ubuntu xenial *

References