5 matches found
Insecure Access Controls
mediawiki/core uses insecure access controls. Unauthorized users are able to retrieve suppressed username or log in Special:EditTags information...
CVE-2019-12469
MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...
Design/Logic Flaw
MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...
CVE-2019-12469
CVE-2019-12469 (MediaWiki) : Affected versions are MediaWiki up to 1.32.1. The issue is an Incorrect Access Control that exposes suppressed usernames or login status on Special:EditTags. Root cause is an access-control weakness in how EditTags visibility is enforced. Impact is information disclos...
Exposed suppressed username or log in Special:EditTags
More info at https://phabricator.wikimedia.org/T222036...