Vulnerability Details : CVE-2016-6337
MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass intended session access restrictions by leveraging a call to the UserGetRights function after Session::getAllowedUserRights.
Vulnerability category: BypassGain privilege
Exploit prediction scoring system (EPSS) score for CVE-2016-6337
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 52 %
Percentile, the proportion of vulnerabilities that are scored at or less