5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.5%
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect
against the download of backups of deleted images, which might allow remote
attackers to obtain sensitive information via requests for files in
images/deleted/.
Author | Note |
---|---|
mdeslaur | from debian: the CVE id description is wrong, this is fixed in 1.13.3 |