An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden users.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Mediawiki |
Mediawiki |
* |
1.39.3 (including) |
References