Описание
An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden users.
Ссылки
- Vendor Advisory
- ExploitPatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.39.3 (включая)
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-Other
CWE-863
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 2 лет назад
An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden users.
CVSS3: 5.3
github
больше 2 лет назад
An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden users.
EPSS
Процентиль: 36%
0.0015
Низкий
5.3 Medium
CVSS3
Дефекты
NVD-CWE-Other
CWE-863