Описание
An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
Ссылки
- Patch
- Patch
- Patch
- Permissions Required
- Patch
- Patch
- Patch
- Permissions Required
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mediawiki:abusefilter:1.32:*:*:*:*:mediawiki:*:*
cpe:2.3:a:mediawiki:abusefilter:1.33:*:*:*:*:mediawiki:*:*
EPSS
Процентиль: 64%
0.00468
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-532
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
EPSS
Процентиль: 64%
0.00468
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-532