Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-8628 - Vulnerability Database
MediaWiki

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2015-8628

Medium
Reference: CVE-2015-8628
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-8628
Title: MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

The (1) Special:MyPage (2) Special:MyTalk (3) Special:MyContributions (4) Special:MyUploads and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12 1.24.x before 1.24.5 1.25.x before 1.25.4 and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted links combined with page view statistics.