Search
Find a vulnerability
Search criteria
6 vulnerabilities found for abusefilter by mediawiki
CVE-2019-16528 (GCVE-0-2019-16528)
Vulnerability from nvd – Published: 2020-03-20 20:37 – Updated: 2024-08-05 01:17
VLAI
Summary
An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://phabricator.wikimedia.org/T224203 | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/c/mediawiki/extens… | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/c/mediawiki/extens… | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/c/mediawiki/extens… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:17:41.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://phabricator.wikimedia.org/T224203"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T20:37:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://phabricator.wikimedia.org/T224203"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T224203",
"refsource": "MISC",
"url": "https://phabricator.wikimedia.org/T224203"
},
{
"name": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/"
},
{
"name": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/"
},
{
"name": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16528",
"datePublished": "2020-03-20T20:37:15.000Z",
"dateReserved": "2019-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:17:41.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18987 (GCVE-0-2019-18987)
Vulnerability from nvd – Published: 2019-11-15 05:08 – Updated: 2024-08-05 02:02
VLAI
Summary
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://phabricator.wikimedia.org/T237887 | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/q/Ic12790bd3398247… | x_refsource_MISC |
| https://www.mediawiki.org/wiki/Extension:AbuseFilter | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://phabricator.wikimedia.org/T237887"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mediawiki.org/wiki/Extension:AbuseFilter"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter\u0027s definition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T05:08:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://phabricator.wikimedia.org/T237887"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mediawiki.org/wiki/Extension:AbuseFilter"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter\u0027s definition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T237887",
"refsource": "MISC",
"url": "https://phabricator.wikimedia.org/T237887"
},
{
"name": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1"
},
{
"name": "https://www.mediawiki.org/wiki/Extension:AbuseFilter",
"refsource": "MISC",
"url": "https://www.mediawiki.org/wiki/Extension:AbuseFilter"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18987",
"datePublished": "2019-11-15T05:08:00.000Z",
"dateReserved": "2019-11-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18612 (GCVE-0-2019-18612)
Vulnerability from nvd – Published: 2019-10-29 15:41 – Updated: 2024-08-05 01:54
VLAI
Summary
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://phabricator.wikimedia.org/T104807 | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/q/Ie23e8234ae55027… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:54:14.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://phabricator.wikimedia.org/T104807"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-29T15:41:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://phabricator.wikimedia.org/T104807"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T104807",
"refsource": "MISC",
"url": "https://phabricator.wikimedia.org/T104807"
},
{
"name": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18612",
"datePublished": "2019-10-29T15:41:04.000Z",
"dateReserved": "2019-10-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:54:14.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16528 (GCVE-0-2019-16528)
Vulnerability from cvelistv5 – Published: 2020-03-20 20:37 – Updated: 2024-08-05 01:17
VLAI
Summary
An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://phabricator.wikimedia.org/T224203 | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/c/mediawiki/extens… | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/c/mediawiki/extens… | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/c/mediawiki/extens… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:17:41.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://phabricator.wikimedia.org/T224203"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-20T20:37:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://phabricator.wikimedia.org/T224203"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T224203",
"refsource": "MISC",
"url": "https://phabricator.wikimedia.org/T224203"
},
{
"name": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051/"
},
{
"name": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538053/"
},
{
"name": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538054/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16528",
"datePublished": "2020-03-20T20:37:15.000Z",
"dateReserved": "2019-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:17:41.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18987 (GCVE-0-2019-18987)
Vulnerability from cvelistv5 – Published: 2019-11-15 05:08 – Updated: 2024-08-05 02:02
VLAI
Summary
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter's definition.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://phabricator.wikimedia.org/T237887 | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/q/Ic12790bd3398247… | x_refsource_MISC |
| https://www.mediawiki.org/wiki/Extension:AbuseFilter | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.853Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://phabricator.wikimedia.org/T237887"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mediawiki.org/wiki/Extension:AbuseFilter"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter\u0027s definition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T05:08:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://phabricator.wikimedia.org/T237887"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mediawiki.org/wiki/Extension:AbuseFilter"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Once a specific abuse filter has (accidentally or otherwise) been made public, its previous versions can be exposed, thus potentially disclosing private or sensitive information within the filter\u0027s definition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T237887",
"refsource": "MISC",
"url": "https://phabricator.wikimedia.org/T237887"
},
{
"name": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1"
},
{
"name": "https://www.mediawiki.org/wiki/Extension:AbuseFilter",
"refsource": "MISC",
"url": "https://www.mediawiki.org/wiki/Extension:AbuseFilter"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18987",
"datePublished": "2019-11-15T05:08:00.000Z",
"dateReserved": "2019-11-15T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18612 (GCVE-0-2019-18612)
Vulnerability from cvelistv5 – Published: 2019-10-29 15:41 – Updated: 2024-08-05 01:54
VLAI
Summary
An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://phabricator.wikimedia.org/T104807 | x_refsource_MISC |
| https://gerrit.wikimedia.org/r/q/Ie23e8234ae55027… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:54:14.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://phabricator.wikimedia.org/T104807"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-29T15:41:04.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://phabricator.wikimedia.org/T104807"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the AbuseFilter extension through 1.34 for MediaWiki. Previously hidden (restricted) AbuseFilter filters were viewable (or their differences were viewable) to unprivileged users, thus disclosing potentially sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T104807",
"refsource": "MISC",
"url": "https://phabricator.wikimedia.org/T104807"
},
{
"name": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a",
"refsource": "MISC",
"url": "https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18612",
"datePublished": "2019-10-29T15:41:04.000Z",
"dateReserved": "2019-10-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:54:14.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}