MediaWiki is prone to a security-bypass vulnerability because it fails to properly restrict access to restricted content. An attacker can exploit this issue to bypass intended security measures to view restricted content in private wikis. Versions after MediaWiki 1.15 and prior to MediaWiki 1.15.2 are vulnerable.

Updates are available. Please see the references for more information.

• http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html
• http://wikipedia.sourceforge.net/
• http://www.securityfocus.com/bid/38617

---

Updated on 2015-03-25