CVE-2025-53371 | miraheze DiscordNotifications on MediaWiki HTTP POST Request file_get_contents wgDiscordIncomingWebhookUrl resource consumption

Inserito da Angelo Barbosa | Lug 10, 2025 | CVE

A vulnerability, which was classified as problematic, was found in miraheze DiscordNotifications on MediaWiki. Affected is the function file_get_contents of the component HTTP POST Request Handler. The manipulation of the argument wgDiscordIncomingWebhookUrl leads to resource consumption.

This vulnerability is traded as CVE-2025-53371. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-53371 | miraheze DiscordNotifications on MediaWiki HTTP POST Request file_get_contents wgDiscordIncomingWebhookUrl resource consumption

Post correlati

CVE-2024-39886 | Dream Train Internet TONE Store App up to 3.4.2 channel accessible

CVE-2024-30637 | Tenda F1202 1.2.0.20(408) /goform/WriteFacMac formWriteFacMac mac command injection

CVE-2025-20166 | Cisco Common Services Platform Collector Software 2.11/2.11.0.1/2.11.0.2/2.11.0.3/30.1.1-0 Interface cross site scripting (cisco-sa-cspc-xss-CDOJZyH)

CVE-2024-6003 | Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0 /api/v2/maps orderColumn sql injection