Description

MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter.

Remediation

References

CVE-2011-4360

Related Vulnerabilities

WordPress Plugin Re-attacher by BestWebSoft Cross-Site Scripting (1.0.8)

WordPress Plugin Simple 301 Redirects by BetterLinks Unspecified Vulnerability (1.06)

ownCloud Improper Input Validation Vulnerability (CVE-2012-2270)

Atlassian Confluence Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)

Oracle JRE CVE-2024-20919 Vulnerability (CVE-2024-20919)

Severity

Medium

Classification

CVE-2011-4360 CWE-200

Tags

Missing Update Known Vulnerabilities