Description
Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.
Remediation
References
Related Vulnerabilities
WordPress Plugin Docket Cache-Object Cache Accelerator Cross-Site Scripting (21.08.01)
WordPress Plugin Loco Translate PHP Code Injection (2.5.3)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.16)
WordPress Plugin ContentStudio Multiple Vulnerabilities (1.2.5)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3837)