Information Disclosure Vulnerability in MediaWiki Thumbnail ImageMagick Argument

Information Disclosure Vulnerability in MediaWiki Thumbnail ImageMagick Argument

CVE-2015-8005 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading the metadata of a PNG thumbnail file.

Learn more about our Web Application Penetration Testing UK.