Description
An issue was discovered in MediaWiki through 1.37.2. The SecurePoll extension allows a leak because sorting by timestamp is supported,
Remediation
References
Related Vulnerabilities
WordPress Plugin 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)
WordPress Plugin Rich Widget Arbitrary File Upload (0.2.4)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4360)
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-20963)