Description

MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.

Remediation

References

CVE-2011-4360

Related Vulnerabilities

WordPress Plugin Redirect 404 to parent Cross-Site Scripting (1.3.0)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5732)

WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)

WordPress Plugin WP AmASIN-The Amazon Affiliate Shop Directory Traversal (0.9.6)

WordPress Plugin BuddyPress Customer.io Analytics Integration Cross-Site Request Forgery (1.1.6)

Severity

Medium

Classification

CVE-2011-4360 CWE-200

Tags

Missing Update Known Vulnerabilities