MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.Referenceshttp://www.securitytracker.com/id/1034028https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.htmlhttps://phabricator.wikimedia.org/T91850
