Published: 26/09/2019 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

In MediaWiki up to and including 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mediawiki mediawiki
fedoraproject fedora 30
fedoraproject fedora 31
debian debian linux 9.0
debian debian linux 10.0

It was discovered that the Special:Redirect functionality of MediaWiki, a website engine for collaborative work, could expose suppressed user names, resulting in an information leak For the oldstable distribution (stretch), this problem has been fixed in version 1:1277-1~deb9u2 For the stable distribution (buster), this problem has been fixed i ...

Impact: Moderate Public Date: 2019-09-25 CWE: CWE-200 Bugzilla: 1755762: CVE-2019-16738 mediawiki: info ...

CWE-862 https://phabricator.wikimedia.org/T230402 https://www.debian.org/security/2019/dsa-4545 https://seclists.org/bugtraq/2019/Oct/32 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUO/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6/https://nvd.nist.gov https://www.debian.org/security/2019/dsa-4545

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-16738

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect