The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name: Overlimit Vulnerability
VWE-ID: VWE-2010-0110
Related Report: None
Severity: Extreme
Exploit Difficulty: EASY
Platform: Affects all platforms supported by the vulnerable versions.
Description: Denial of Service Amplification. A malicious user can modify a URL parameter to change the number of results displayed on Special pages and history revision lists to an arbitrarily high number.
Discovered: September 17, 2010 / April 8, 2015
Resolved: As discovered April 8, 2015, patch provided September 30, 2010 did not successfully resolve the issue.
Patches Available: Update to an unaffected version of the 4.x series.
Workaround: Update permissions so that no users can view any special pages or the history tab.