Описание
The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | mediawiki | Not affected | ||
| Red Hat OpenShift Container Platform 4 | mediawiki | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-319->CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1922225mediawiki: Information disclosure via cleartext transmitted ApiPush credentials
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
около 5 лет назад
The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.
github
больше 3 лет назад
The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.
5.3 Medium
CVSS3