Description
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
Remediation
References
Related Vulnerabilities
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-36400)
WordPress Plugin Currency Switcher for WooCommerce Security Bypass (2.11.1)
MySQL CVE-2022-21417 Vulnerability (CVE-2022-21417)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3050)