An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. Attackers might be able to see edits for which the username has been hidden, because there is no check for rev_deleted.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://phabricator.wikimedia.org/T327613 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-03-31T00:00:00
Updated: 2024-08-02T14:00:15.959Z
Reserved: 2023-03-31T00:00:00
Link: CVE-2023-29140
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-03-31T19:15:07.503
Modified: 2023-04-11T06:08:23.753
Link: CVE-2023-29140
Redhat
No data.