Description

Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation (JSON) formatted results.

Remediation

References

CVE-2008-1318

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2243)

WordPress Plugin Startklar Elementor Addons Arbitrary File Deletion (1.7.13)

WordPress Plugin Academy LMS-eLearning and online course solution for WordPress Privilege Escalation (1.9.19)

WordPress Plugin BePro Listings Security Bypass (2.2.0020)

WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0)

Severity

Medium

Classification

CVE-2008-1318 CWE-200

Tags

Missing Update Known Vulnerabilities