CVEDB API

Vulnerabilities

Vulnerable Software

Mediawiki: >> Checkuser Security Vulnerabilities

CVE-2019-16529

An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model.

CVSS Score

5.3

EPSS Score

0.002

Published

2020-03-19

CVE-2019-18611

An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially visible to users with various levels of access to this extension. Said users should not have been able to view these oversighted edit summaries via the MediaWiki API.

CVSS Score

6.5

EPSS Score

0.004

Published

2019-10-29

CVE-2015-2940

Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors.

CVSS Score

6.8

EPSS Score

0.003

Published

2015-04-13

Page 1

Vulnerabilities

Vulnerable Software

Mediawiki: >> Checkuser Security Vulnerabilities

Products

Pricing

Contact Us