4 matches found
Design/Logic Flaw
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Some unprivileged users can view confidential information e.g., IP addresses and User-Agent headers for election traffic on a testwiki SecurePoll instance...
CVE-2021-46148
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Some unprivileged users can view confidential information e.g., IP addresses and User-Agent headers for election traffic on a testwiki SecurePoll instance...
CVE-2021-46148
MediaWiki prior to 1.35.5, 1.36.x prior to 1.36.3, and 1.37.x prior to 1.37.1 contains a CSRF flaw related to MassEditRegex that can be triggered by unprivileged users on testwiki SecurePoll instances. Affected software: MediaWiki; vulnerable component/function: MassEditRegex handling that enable...
PT-2022-12582 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.5 MediaWiki versions 1.36.x prior to 1.36.3 MediaWiki versions 1.37.x prior to 1.37.1 Description: An issue allows some unprivileged users to view confidential information, such as IP addresses and User-Agent...