Information Disclosure Vulnerability in AbuseFilterCheckMatch API

Information Disclosure Vulnerability in AbuseFilterCheckMatch API

CVE-2021-31547 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its AbuseFilterCheckMatch API reveals suppressed edits and usernames to unprivileged users through the iteration of crafted AbuseFilter rules.

Learn more about our Api Penetration Testing.