Описание
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1:1.13.3-1 |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | |
| intrepid | ignored | |
| jaunty | not-affected | 1:1.13.3-1 |
| karmic | not-affected | 1:1.13.3-1 |
| upstream | released | 1.13.3 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExce ...
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.
EPSS
4.3 Medium
CVSS2