vulnerability

Debian: CVE-2022-28201: mediawiki -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:L/Au:M/C:N/I:N/A:C)	Sep 19, 2022	Sep 26, 2022	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:M/C:N/I:N/A:C)

Published

Sep 19, 2022

Added

Sep 26, 2022

Modified

Mar 30, 2026

Description

An issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. Users with the editinterface permission can trigger infinite recursion, because a bare local interwiki is mishandled for the mainpage message.

Solution

debian-upgrade-mediawiki

References

CVE-2022-28201
https://attackerkb.com/topics/CVE-2022-28201
CWE-674
DEBIAN-DLA-3117-1
DEBIAN-DSA-5246
EUVD-EUVD-2022-32655
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-32655

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today