MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1579)
Description
The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.