Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.

Remediation

References

CVE-2013-6472

Related Vulnerabilities

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5323)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21731)

jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312)

EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-17302)

Oracle Application Server CVE-2006-0284 Vulnerability (CVE-2006-0284)

Severity

Medium

Classification

CVE-2013-6472 CWE-200

Tags

Missing Update Known Vulnerabilities