CVE-2013-6472
MediaWiki <1.19.10, 1.2x<1.21.4, 1.22.x<1.22.1 - Unauthorized Exposure of Deleted Page Info
Title source: llmDescription
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user watchlists.
References (1)
Core 1
Core References
Patch, Vendor Advisory mailing-list
x_refsource_mlist
http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-January/000138.html
Scores
EPSS
0.0040
EPSS Percentile
61.0%
Details
CWE
CWE-200
Status
published
Products (16)
mediawiki/mediawiki
1.22.0
mediawiki/mediawiki
1.19 (3 CPE variants)
mediawiki/mediawiki
1.19.0
mediawiki/mediawiki
1.19.1
mediawiki/mediawiki
1.19.2
mediawiki/mediawiki
1.19.3
mediawiki/mediawiki
1.19.4
mediawiki/mediawiki
1.19.5
mediawiki/mediawiki
1.19.6
mediawiki/mediawiki
1.19.7
... and 6 more
Published
May 12, 2014
Tracked Since
Feb 18, 2026