Description

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.

Remediation

References

CVE-2021-30156

Related Vulnerabilities

Oracle Database Server CVE-2014-2406 Vulnerability (CVE-2014-2406)

WordPress Plugin ARS Reg Secure Cross-Site Scripting (1.1)

Microsoft SQL Server Other Vulnerability (CVE-2002-1137)

WordPress Plugin ChenPress Arbitrary File Upload (3.0)

MySQL CVE-2017-10384 Vulnerability (CVE-2017-10384)

Severity

Medium

Classification

CVE-2021-30156 CWE-732 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities