Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.

Remediation

References

CVE-2013-6472

Related Vulnerabilities

WordPress Plugin Easy Accordion-Best Accordion FAQ Cross-Site Scripting (2.0.21)

Jenkins Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2017-1000503)

WordPress Plugin WP Page Widget Cross-Site Scripting (2.7)

Joomla! Core 4.x.x Cross-Site Scripting (4.0.0 - 4.2.4)

Liferay Portal Incorrect Authorization Vulnerability (CVE-2024-38002)

Severity

Medium

Classification

CVE-2013-6472 CWE-200

Tags

Missing Update Known Vulnerabilities