← back
CVE-2021-46148

CVE-2021-46148

EPSS 1.2%
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. Some unprivileged users can view confidential information (e.g., IP addresses and User-Agent headers for election traffic) on a testwiki SecurePoll instance.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://gerrit.wikimedia.org/r/q/Ib2715adb281f8892b586dcb1895e87ac0eb548b0https://phabricator.wikimedia.org/T290808https://phabricator.wikimedia.org/T290856