First published: Wed Oct 06 2021(Updated: )
An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MediaWiki MediaWiki | <=1.36.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2021-42049.
The severity level of CVE-2021-42049 is medium.
The affected software of CVE-2021-42049 is MediaWiki version up to and including 1.36.2.
The impact of CVE-2021-42049 is that oversighters in MediaWiki cannot undo revisions or oversight on pages where they suppressed information, allowing them to whitewash revisions.
Yes, you can find references for CVE-2021-42049 at the following links: [Link 1](https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3), [Link 2](https://phabricator.wikimedia.org/T286884).