UBUNTU-CVE-2021-30152
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 09 Apr 2021, 07:15
Last modified:27 May 2026, 10:17
Vulnerability Summary
Overall Risk (default)
low
17/100 CVSS Score
4.3 MEDIUM
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
09 Apr 2021, 07:15
Published
Vulnerability first disclosed
27 May 2026, 10:17
Last Modified
Vulnerability information updated
Description
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.
CVSS Metrics
- v3.1•MEDIUM•Score: 4.3CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected Systems
- ubuntu•mediawiki
all | all | all | all | all | all | all
References (5)
- https://ubuntu.com/security/CVE-2021-30152
- https://phabricator.wikimedia.org/T270713
- https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html
- https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/27ba9e0ef0c7ec76331fd92bc549bb2c0d60979a
- https://www.cve.org/CVERecord?id=CVE-2021-30152