vulnerability

MediaWiki: Information Exposure Through Log Files (CVE-2021-31546)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	2021-04-22	2021-04-26	2024-03-07

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

2021-04-22

Added

2021-04-26

Modified

2024-03-07

Description

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.

Solution

mediawiki-upgrade-latest

References

CVE-2021-31546
https://attackerkb.com/topics/CVE-2021-31546
URL-https://gerrit.wikimedia.org/r/q/I38a0a24fa32ca7a052b6940864a32b3856e84553
URL-https://phabricator.wikimedia.org/T71617

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today