Exposure of Private Information in AbuseFilter Extension for MediaWiki

Exposure of Private Information in AbuseFilter Extension for MediaWiki

CVE-2019-18987 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.

Learn more about our Web Application Penetration Testing UK.