1. Home
  2. Security Advisories
  3. PHP (Composer)
  4. PHP:MEDIAWIKI-CORE-2018-0504

[PHP:MEDIAWIKI-CORE-2018-0504] When a log event is (partially) hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information

Severity Medium
Affected Packages 4
CVEs 1
Info Packages References Vulnerabilities
When a log event is (partially) hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information
Package Affected Version
pkg:composer/mediawiki/core >= 1.29.0, < 1.29.3
pkg:composer/mediawiki/core >= 1.27.0, < 1.27.5
pkg:composer/mediawiki/core >= 1.30.0, < 1.30.1
pkg:composer/mediawiki/core >= 1.31.0, < 1.31.1
ID
PHP:MEDIAWIKI-CORE-2018-0504
Severity
medium
Severity from
CVE-2018-0504
URL
https://phabricator.wikimedia.org/T187638
Published
2018-07-07T11:35:50
(6 years ago)
Modified
2020-11-18T21:45:25
(3 years ago)
Rights
PHP Security Advisories Database Team
Other Advisories
Source # ID Name URL
Security Advisory https://phabricator.wikimedia.org/T187638
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:composer/mediawiki/core mediawiki core >= 1.29.0 < 1.29.3
Affected pkg:composer/mediawiki/core mediawiki core >= 1.27.0 < 1.27.5
Affected pkg:composer/mediawiki/core mediawiki core >= 1.30.0 < 1.30.1
Affected pkg:composer/mediawiki/core mediawiki core >= 1.31.0 < 1.31.1
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date