Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-8625 - Vulnerability Database
MediaWiki

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-8625

High
Reference: CVE-2015-8625
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-8625
Title: MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

MediaWiki before 1.23.12 1.24.x before 1.24.5 1.25.x before 1.25.4 and 1.26.x before 1.26.1 do not properly sanitize parameters when calling the cURL library which allows remote attackers to read arbitrary files via an (at sign) character in unspecified POST array parameters.