Description MediaWiki 1.18.0 allows remote attackers to obtain the installation path via vectors related to thumbnail creation. Remediation References CVE-2014-1686 Related Vulnerabilities Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-0126) WordPress Plugin WP Symposium Open Redirect (13.04) WordPress Plugin Exxp Cross-Site Scripting (2.6.8) e107 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-4921) Joomla Improper Input Validation Vulnerability (CVE-2020-35616) Severity Medium Classification CVE-2014-1686 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities