Description
An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin vote list contains a full vote timestamp, which may provide unintended clues about how a voting process unfolded.
Remediation
References
Related Vulnerabilities
Squid NULL Pointer Dereference Vulnerability (CVE-2018-1172)
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-23327)
Joomla! Core 1.0.x Session Fixation (1.0.0 - 1.0.12)
WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Cross-Site Request Forgery (8.0.1)
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (3.5.3)