MediaWiki Vulnerability - CVE-2023-29137
Reference:
CVE-2023-29137
Title:
MediaWiki Vulnerability
Overview:
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. The UserImpactHandler for GrowthExperiments inadvertently returns the timezone preference for arbitrary users which can be used to de-anonymize users.