Description
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation (JSON) formatted results.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2243)
WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)
WordPress Plugin BePro Listings Security Bypass (2.2.0020)
WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0)