CVE-2019-16528
Severity CVSS v4.0:
Pending analysis
Type:
CWE-532
Information Exposure Through Log Files
Publication date:
20/03/2020
Last modified:
21/07/2021
Description
An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:mediawiki:abusefilter:1.32:*:*:*:*:mediawiki:*:* | ||
| cpe:2.3:a:mediawiki:abusefilter:1.33:*:*:*:*:mediawiki:*:* |
To consult the complete list of CPE names with products and versions, see this page