Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.

Remediation

References

CVE-2013-6472

Related Vulnerabilities

MySQL CVE-2022-21595 Vulnerability (CVE-2022-21595)

Python Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-4650)

WordPress Plugin Unlimited Pop-Ups Multiple Cross-Site Scripting Vulnerabilities (1.4.3)

WordPress Plugin Newsletters Unspecified Vulnerability (4.5.5.2)

ownCloud Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-35947)

Severity

Medium

Classification

CVE-2013-6472 CWE-200

Tags

Missing Update Known Vulnerabilities