CVE-2021-31546
4.3
MEDIUM
CVSS 3.1
EPSS 0.11%
Description
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.
How to fix CVE-2021-31546
To remediate CVE-2021-31546, upgrade the affected package to a fixed version below.
- Bitnami/mediawiki—upgrade to 1.35.3 or later
Is CVE-2021-31546 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.35.3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM4.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |