Lucene search

MitreCVELIST:CVE-2023-37305

HistoryJun 30, 2023 - 12:00 a.m.

CVE-2023-37305

2023-06-3000:00:00

mitre

www.cve.org

mediawiki

proofreadpage

extension

vulnerability

cve-2023-37305

pagecontenthandler

pagedisplayhandler

hidden users

exposed

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.5%

JSON

An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces.

References

gerrit.wikimedia.org/r/q/Ibe5f8e25dea155bbd811a65833394c0d4b906a34

phabricator.wikimedia.org/T326952