Description
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Redirect 404 to parent Cross-Site Scripting (1.3.0)
WebLogic CVE-2023-21842 Vulnerability (CVE-2023-21842)
WordPress Plugin WP AmASIN-The Amazon Affiliate Shop Directory Traversal (0.9.6)
WordPress Plugin BuddyPress Customer.io Analytics Integration Cross-Site Request Forgery (1.1.6)