Security researchers from Check Point have identified a critical vulnerability affecting websites created on the MediaWiki platform. Several Wiki sites have been impacted, including Wikipedia.org.
According to experts, the security hole could have been exploited for remote code execution. Cybercriminals could have leveraged the flaw to gain complete control of an affected Web server.
MediaWiki installations starting with version 1.8 are affected. It’s worth noting that in order for an attack to succeed, a specific non-default setting must be enabled.
Fortunately, the WikiMedia Foundation rushed to address the issue after being notified. The organization has also sent out an alert to encourage MediWiki customers to update their installations.
If unpatched, the vulnerability can be used to inject malicious code into Wikipedia.org and other Wiki websites that run on the open-source platform MediaWiki.
This could have been highly problematic, considering that Wikipedia has around 94 million unique visitors each month.
“It only takes a single vulnerability on a widely adopted platform for a hacker to infiltrate and wreak widespread damage. The Check Point Vulnerability Research Group focuses on finding these security exposures and deploying the necessary real-time protections to secure the Internet,” explained Dorit Dor, vice president of products at Check Point Software Technologies.
“We’re pleased that the MediaWiki platform is now protected against attacks on this vulnerability, which would have posed great security risk for millions of daily ‘wiki’ site users.”
Check Point reveals the fact that this is the third remote code execution vulnerability found on the MediaWiki platform since 2006.
A total of 13 security holes were found in MediaWiki in 2013. The list includes one code execution, six cross-site scripting (XSS), two bypass and three cross-site reference forgery (CSRF) vulnerabilities.