Описание
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
Ссылки
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchVendor Advisory
- PatchVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Issue TrackingPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.17.1 (исключая)
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00607
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
ubuntu
около 14 лет назад
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
debian
около 14 лет назад
MediaWiki before 1.17.1 allows remote attackers to obtain the page tit ...
github
больше 3 лет назад
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
EPSS
Процентиль: 69%
0.00607
Низкий
5 Medium
CVSS2
Дефекты
CWE-200