MediaWiki prior to 1.23.11, 1.24.x prior to 1.24.4, and 1.25.x prior to 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote malicious users to obtain the installation path by reading the metadata of a PNG thumbnail file.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mediawiki mediawiki |
||
mediawiki mediawiki 1.25.1 |
||
mediawiki mediawiki 1.25.2 |
||
mediawiki mediawiki 1.24.1 |
||
mediawiki mediawiki 1.24.3 |
||
mediawiki mediawiki 1.24.0 |
||
mediawiki mediawiki 1.24.2 |
||
mediawiki mediawiki 1.25.0 |
Vulmon