Headline
CVE-2021-30155: ChangeContentModel when a rule was met
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.
Edit Task
Mute Notifications
Protect as security issue
Award Token
Flag For Later
Task Graph
Mentions
Event Timeline
Restricted Application added a subscriber: Aklapper.
Reedy renamed this task from Titleblacklist failed when creating pages by Special:ChangeContentModel to Titleblacklist didn’t prevent creation of pages by Special:ChangeContentModel when a rule was met.
Reedy renamed this task from Titleblacklist didn’t prevent creation of pages by Special:ChangeContentModel when a rule was met to CVE-2021-30155: Titleblacklist didn’t prevent creation of pages by Special:ChangeContentModel when a rule was met.
Reedy closed this task as Resolved.
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL