MediaWiki Permissions Privileges and Access Controls Vulnerability - CVE-2010-1190 - Vulnerability Database

MediaWiki Permissions Privileges and Access Controls Vulnerability - CVE-2010-1190

Medium

Reference: CVE-2010-1190

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-1190

Title: MediaWiki Permissions Privileges and Access Controls Vulnerability

Overview:

thumb.php in MediaWiki before 1.15.2 when used with access-restriction mechanisms such as img_auth.php does not check user permissions before providing scaled images which allows remote attackers to bypass intended access restrictions and read private images via unspecified manipulations.