5May
CVE-2024-34502 | MediaWiki up to 1.39.5/1.40.1/1.41.0 WikibaseLexeme Special:MergeLexemes access control
A vulnerability classified as critical was found in MediaWiki up to 1.39.5/1.40.1/1.41.0. This vulnerability affects unknown code of the file Special:MergeLexemes of the component WikibaseLexeme. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-34502. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.