MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6472)

Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.

Remediation

References

CVE-2013-6472

Related Vulnerabilities

WordPress Plugin Print, PDF, Email by PrintFriendly Multiple Unspecified Vulnerabilities (3.5.2)

PHP Other Vulnerability (CVE-2007-3790)

Apache Tomcat Other Vulnerability (CVE-2001-0829)

MySQL CVE-2011-2262 Vulnerability (CVE-2011-2262)

WordPress Plugin Recently Multiple Vulnerabilities (3.0.4)

Severity

Medium

Classification

CVE-2013-6472 CWE-200