CVE-2023-45372 Information

Description

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. During item merging ItemMergeInteractor does not have an edit filter running (e.g. AbuseFilter).

Reference

https://phabricator.wikimedia.org/T345064 https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/961264