Published: 09/10/2023 Updated: 12/10/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

An issue exists in includes/page/Article.php in MediaWiki 1.36.x up to and including 1.39.x prior to 1.39.5 and 1.40.x prior to 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given page title, and its timestamp, both of which are not supposed to be public information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mediawiki mediawiki 1.40.0
mediawiki mediawiki
debian debian linux 11.0
debian debian linux 12.0

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting, denial of service or information disclosure For the oldstable distribution (bullseye), these problems have been fixed in version 1:13513-1~deb11u1 For the stable distribution (bookworm), these problems have ...

CWE-732 https://phabricator.wikimedia.org/T264765 https://www.debian.org/security/2023/dsa-5520 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5520

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-45364

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect