CVE-2013-4569
MediaWiki <1.19.9, <1.20.x-1.20.8, <1.21.x-1.21.3 - Info Disclosure
Title source: llmDescription
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attackers to obtain sensitive information (revision-deleted IPs) via the Recent Changes page.
References (4)
Core 4
Core References
Various Sources mailing-list
x_refsource_mlist
http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-November/000135.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123011.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/122998.html
Issue Tracking x_refsource_confirm
https://bugzilla.wikimedia.org/show_bug.cgi?id=54294
Scores
EPSS
0.0046
EPSS Percentile
64.0%
Details
CWE
CWE-200
Status
published
Products (21)
mediawiki/mediawiki
1.20
mediawiki/mediawiki
1.20.1
mediawiki/mediawiki
1.20.2
mediawiki/mediawiki
1.20.3
mediawiki/mediawiki
1.20.4
mediawiki/mediawiki
1.20.5
mediawiki/mediawiki
1.20.6
mediawiki/mediawiki
1.20.7
mediawiki/mediawiki
1.19 (3 CPE variants)
mediawiki/mediawiki
1.19.0
... and 11 more
Published
Dec 13, 2013
Tracked Since
Feb 18, 2026