CVE-2017-0367 Having LocalisationCache directory default to system tmp directory is insecure

2017-04-0600:00:00

debian

www.cve.org

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.5%

JSON

Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.

CNA Affected

[
  {
    "product": "mediawiki",
    "vendor": "mediawiki",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]