CVE-2026-34093 Special:UserRights allows viewing user rights from private wiki

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Specials/SpecialUserRights.Php. This issue affects MediaWiki: from before 1.43.7, 1.44.4, 1.45.2...

CVE-2021-44854

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. The REST API publicly caches results from private wikis...

GHSA-8HXM-42V5-66HM Moodle vulnerable to Cross-Site Request Forgery

Multiple cross-site request forgery CSRF vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data...

CVE-2016-1787

Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors...

CVE-2011-4298

Multiple cross-site request forgery CSRF vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data...

CVE-2011-4298

The CVE refers to multiple CSRF vulnerabilities in Moodle’s mod/wiki components affecting Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2, allowing remote attackers to hijack authentication for wiki data modification. The root cause is cross-site request forgery within the wiki module. Affected ...