Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.

Remediation

References

CVE-2013-6472

Related Vulnerabilities

Apache Tomcat Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4590)

Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-25314)

WordPress Plugin Freetobook review widget Unspecified Vulnerability (1.0)

SharePoint CVE-2019-1260 Vulnerability (CVE-2019-1260)

WordPress Plugin WPJobBoard Cross-Site Scripting (5.5.3)

Severity

Medium

Classification

CVE-2013-6472 CWE-200

Tags

Missing Update Known Vulnerabilities