Vulnerabilities > CVE-2023-45362 - Unspecified vulnerability in Mediawiki

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
mediawiki
NVD
Published: 2023-11-03
Updated: 2023-11-28

Summary

An issue was discovered in DifferenceEngine.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. diff-multi-sameuser (aka "X intermediate revisions by the same user not shown") ignores username suppression. This is an information leak.

Vulnerable Configurations

Part Description Count
Application
Mediawiki
419

References