CVE-2023-37301:

0.0 CVSS

Description

An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur.

Classification

CVE ID: CVE-2023-37301

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 31.93% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://phabricator.wikimedia.org/T250720
https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/933663

Timeline

2024-11-28 00:11:35 UTC
CVE