CVE-2020-29005
CVE-2020-29005 concerns the MediaWiki Push extension up to version 1.35, where the ApiPush credentials were transmitted in cleartext, enabling potential information disclosure. Affected component: Push extension API in MediaWiki. Root cause: credentials for ApiPush exposed via plaintext communica...