Description
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext.
Remediation
References
Related Vulnerabilities
WildFly Application Server Uncontrolled Resource Consumption Vulnerability (CVE-2016-9589)
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.18)
WordPress Plugin Users Ultra SQL Injection (1.5.15)
MediaWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-25869)