Description

MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.

Remediation

References

CVE-2011-4360

Related Vulnerabilities

WordPress Plugin Online Hotel Booking System Pro Cross-Site Scripting (1.1)

WebLogic CVE-2019-2441 Vulnerability (CVE-2019-2441)

WordPress 4.9.x Cross-Domain Flash Injection Vulnerability (4.9 - 4.9.1)

MySQL CVE-2022-21320 Vulnerability (CVE-2022-21320)

Oracle Database Server CVE-2019-2484 Vulnerability (CVE-2019-2484)

Severity

Medium

Classification

CVE-2011-4360 CWE-200

Tags

Missing Update Known Vulnerabilities