An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. (The log_deleted attribute is not applied to entries.)
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://phabricator.wikimedia.org/T326867 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-07-06T00:00:00
Updated: 2024-08-02T04:33:11.911Z
Reserved: 2024-07-06T00:00:00
Link: CVE-2024-40598
Vulnrichment
Updated: 2024-07-31T19:00:50.740Z
NVD
Status : Analyzed
Published: 2024-07-07T00:15:10.240
Modified: 2024-07-09T16:45:38.957
Link: CVE-2024-40598
Redhat
No data.