MediaWiki (wikipedia.org) – Unauthenticated Remote Code Execution

The vulnerability (CVE-2014-1610) allows an unauthenticated attacker to execute code remotely on a vulnerable MediaWiki installation. It requires the DjVu file format in order to be exploited (built in by default). MediaWiki is an open-source web platform used to create and maintain wikis. One of the major sites using the system is Wikipedia.org and alongside the rest […]