Description
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.
Remediation
References
Related Vulnerabilities
WordPress Plugin Team Showcase Multiple Vulnerabilities (1.22.15)
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-24986)
Oracle Database Server CVE-2019-2955 Vulnerability (CVE-2019-2955)
WordPress Plugin WebP Express Arbitrary File Disclosure (0.14.10)
WordPress Plugin Booking.com Product Helper Cross-Site Scripting (1.0.1)