Description
An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. The non-admin vote list contains a full vote timestamp, which may provide unintended clues about how a voting process unfolded.
Remediation
References
Related Vulnerabilities
WordPress Plugin Shortcode Redirect 'domain' Parameter Cross-Site Scripting (1.0.01)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5885)
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-19709)
Moodle Improper Input Validation Vulnerability (CVE-2012-6101)