CVE-2024-40598 | CheckUser Extension up to 1.42.1 on MediaWiki API log_deleted information disclosure

Inserito da Angelo Barbosa | Lug 7, 2024 | CVE

A vulnerability was found in CheckUser Extension up to 1.42.1 on MediaWiki and classified as problematic. Affected by this issue is some unknown functionality of the component API. The manipulation of the argument log_deleted leads to information disclosure.

This vulnerability is handled as CVE-2024-40598. The attack may be launched remotely. There is no exploit available.

CVE-2024-40598 | CheckUser Extension up to 1.42.1 on MediaWiki API log_deleted information disclosure

Post correlati

CVE-2024-23496 | GGUF llama.cpp gguf_fread_str integer overflow (TALOS-2024-1913)

CVE-2023-49376 | JFinalCMS 5.0.0 /admin/tag/delete cross-site request forgery

CVE-2024-29506 | Artifex Ghostscript up to 10.2.x PDF Filter Name pdfi_apply_filter stack-based overflow

CVE-2024-39153 | idcCMS 1.35 The info_deal.php cross-site request forgery