Описание
The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.15.x |
| hardy | ignored | end of life |
| lucid | not-affected | 1.15.x |
| maverick | ignored | end of life |
| natty | not-affected | 1.15.x |
| oneiric | not-affected | 1.15.x |
| precise | not-affected | 1.15.x |
| quantal | not-affected | 1.15.x |
| raring | not-affected | 1.15.x |
| upstream | needs-triage |
Показывать по
5 Medium
CVSS2
Связанные уязвимости
The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.
The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x befor ...
The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.
5 Medium
CVSS2