Описание
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)
Ссылки
- Issue Tracking
- Issue Tracking
Уязвимые конфигурации
Конфигурация 1Версия до 1.42.1 (включая)
cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00145
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-532
CWE-532
Связанные уязвимости
CVSS3: 4.3
github
больше 1 года назад
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)
EPSS
Процентиль: 35%
0.00145
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-532
CWE-532