Description
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation (JSON) formatted results.
Remediation
References
Related Vulnerabilities
Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)
Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-40662)
WordPress Plugin YITH WooCommerce Stripe Security Bypass (2.0.1)
Ruby Improper Input Validation Vulnerability (CVE-2011-2705)
WordPress Plugin WP Database Reset Multiple Security Bypass Vulnerabilities (3.1)