exploitDog

GHSA-m23v-gcxc-rq79

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.

Ссылки

EPSS

Процентиль: 26%

0.0009

Низкий

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2020-29005

CVSS3: 5.3

redhat

около 5 лет назад

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.

CVE-2020-29005

CVSS3: 7.5

nvd

около 5 лет назад

The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.

EPSS

Процентиль: 26%

0.0009

Низкий

CVE ID

Дефекты

CWE-522