Description
Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.
Remediation
References
Related Vulnerabilities
PleskWin URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-24044)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2021-32621)
MySQL CVE-2016-0667 Vulnerability (CVE-2016-0667)
IBM RTC Improper Input Validation Vulnerability (CVE-2015-1928)
WordPress Plugin Quiz Tool Lite Multiple Cross-Site Scripting Vulnerabilities (2.3.15)