CVE-2008-5687
CVE-2008-5687
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.htmlhttp://secunia.com/advisories/33349https://exchange.xforce.ibmcloud.com/vulnerabilities/47678https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01256.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-December/msg01309.html