Description
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4382)
Oracle JRE CVE-2018-2795 Vulnerability (CVE-2018-2795)
WordPress Plugin Two-Factor Authentication-Clockwork SMS Cross-Site Scripting (1.0.3)
Drupal Core 4.6.x Mail Header Injection (4.6.0 - 4.6.5)
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-5500)