Information Disclosure Vulnerability in MediaWiki's Special:DeletedContributions Page

Information Disclosure Vulnerability in MediaWiki's Special:DeletedContributions Page

CVE-2015-6727 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.

Learn more about our Web Application Penetration Testing UK.