CVE-2021-42049

EUVD-2021-29037
An issue was discovered in the Translate extension in MediaWiki through 1.36.2. Oversighters cannot undo revisions or oversight on pages where they suppressed information (such as PII). This allows oversighters to whitewash revisions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Affected Products (NVD)
VendorProductVersion
mediawikimediawiki
𝑥
≤ 1.36.2
𝑥
= Vulnerable software versions
References
https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3
https://phabricator.wikimedia.org/T286884
https://gerrit.wikimedia.org/r/q/I4d95220ef414337147235f7ebedc9b945c3348e3
https://phabricator.wikimedia.org/T286884