VDB

GCVE-110-MAGEIA-2018-433

GCVE-110-MAGEIA-2018-433
Advisory Published
Vulnetix · Advisory published November 3, 2018
Updated mediawiki packages fix security vulnerabilities: '$wgRateLimits' entry for 'user' overrides 'newbie' (CVE-2018-0503). When a log event is (partially) hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information (CVE-2018-0504). BotPasswords can bypass CentralAuth's account lock (CVE-2018-0505).

Affected Products

VendorProductVersionsPlatforms
Mageiamediawiki0 (affected), 1.27.5-1.mga6 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›