Vulnerability in Miraheze Importdump
CVE-2024-47816
ImportDump is a MediaWiki extension designed to automate user import requests. A user's local actor ID is stored in the database to tell who made what requests. Therefore, if a user on another wiki happens to have the same actor ID as some…
EPSS: 0.001 (34.4th percentile).
CVSS v3 metric
CVSS v3 base score 6.4 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L.
Affected products
- Miraheze Importdump — commits prior to 5c91dfc
Weakness classification (CWE)
- CWE-282
References
- https://github.com/miraheze/ImportDump/security/advisories/GHSA-jjmq-mg36-6387 (x_refsource_CONFIRM)
- https://github.com/miraheze/ImportDump/commit/5c91dfce78320e717516ee65ef5a05f01979ee6c (x_refsource_MISC)
- https://github.com/miraheze/mw-config/commit/e5664995fbb8644f9a80b450b4326194f20f9ddc (x_refsource_MISC)
- https://issue-tracker.miraheze.org/T12701 (x_refsource_MISC)
Frequently asked questions
- What is CVE-2024-47816?
  CVE-2024-47816 is a medium-severity vulnerability in Miraheze Importdump, classified under CWE-282. CVSS score: 6.4/10. Published 2024-10-09.
- How severe is CVE-2024-47816?
  Medium severity. CVSS v3 base score is 6.4 out of 10.