Description
The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials, allowing for potential information disclosure.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-1999-0407)
WordPress Plugin Service Finder-Provider and Business Listing Local File Disclosure (3.0)
WordPress Plugin WP-Spreadshirt-Gallery Cross-Site Scripting (1.3)
Python Improper Privilege Management Vulnerability (CVE-2020-29396)
MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)