← back
CVE-2012-4382

CVE-2012-4382

EPSS 1.2%
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.htmlhttps://phabricator.wikimedia.org/T41823http://www.openwall.com/lists/oss-security/2012/08/31/10http://www.openwall.com/lists/oss-security/2012/08/31/6