Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid
The product writes sensitive information to a log file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mediawiki | Mediawiki | 1.31.0 (including) | 1.31.1 (excluding) |
Mediawiki | Mediawiki | 1.27.5 (including) | 1.27.5 (including) |
Mediawiki | Mediawiki | 1.29.3 (including) | 1.29.3 (including) |
Mediawiki | Mediawiki | 1.30.1 (including) | 1.30.1 (including) |
Red Hat OpenShift Container Platform 3.10 | RedHat | mediawiki-0:1.27.7-1.el7 | * |
Red Hat OpenShift Container Platform 3.9 | RedHat | mediawiki123-0:1.23.17-1.el7 | * |
Mediawiki | Ubuntu | bionic | * |
Mediawiki | Ubuntu | esm-apps/bionic | * |
Mediawiki | Ubuntu | trusty | * |
Mediawiki | Ubuntu | upstream | * |