Description

MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.

Remediation

References

CVE-2013-1817

Related Vulnerabilities

WordPress Plugin Easy PayPal Events Cross-Site Scripting (1.1.1)

WordPress 4.3.x PHP Object Injection (4.3 - 4.3.25)

WordPress Plugin Uji Countdown Cross-Site Scripting (2.0.6)

Oracle JRE CVE-2024-20932 Vulnerability (CVE-2024-20932)

WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2)

Severity

High

Classification

CVE-2013-1817 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities