What is the severity of CVE-2015-8628?

CVE-2015-8628 is classified as a high severity vulnerability due to its potential to expose sensitive user login information.

Which versions of MediaWiki are affected by CVE-2015-8628?

CVE-2015-8628 affects MediaWiki versions prior to 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1.

How do I fix CVE-2015-8628?

To fix CVE-2015-8628, upgrade MediaWiki to the latest version that is not vulnerable.

What kind of information can be obtained through CVE-2015-8628?

CVE-2015-8628 allows attackers to obtain sensitive user login information by exploiting vulnerable pages.

Can CVE-2015-8628 be exploited remotely?

Yes, CVE-2015-8628 can be exploited by remote attackers without requiring any local access.

Vulnerability/
CVE-2015-8628

medium

5.3

CWE

200

23/3/2017

6/8/2024

CVE-2015-8628: Infoleak

First published: Thu Mar 23 2017(Updated: )

The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 allow remote attackers to obtain sensitive user login information via crafted links combined with page view statistics.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Wikimedia MediaWiki	<=1.23.11
Wikimedia MediaWiki	=1.24.0
Wikimedia MediaWiki	=1.24.1
Wikimedia MediaWiki	=1.24.2
Wikimedia MediaWiki	=1.24.3
Wikimedia MediaWiki	=1.24.4
Wikimedia MediaWiki	=1.25.0
Wikimedia MediaWiki	=1.25.1
Wikimedia MediaWiki	=1.25.2
Wikimedia MediaWiki	=1.25.3
Wikimedia MediaWiki	=1.26.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-8628?
CVE-2015-8628 is classified as a high severity vulnerability due to its potential to expose sensitive user login information.
Which versions of MediaWiki are affected by CVE-2015-8628?
CVE-2015-8628 affects MediaWiki versions prior to 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1.
How do I fix CVE-2015-8628?
To fix CVE-2015-8628, upgrade MediaWiki to the latest version that is not vulnerable.
What kind of information can be obtained through CVE-2015-8628?
CVE-2015-8628 allows attackers to obtain sensitive user login information by exploiting vulnerable pages.
Can CVE-2015-8628 be exploited remotely?
Yes, CVE-2015-8628 can be exploited by remote attackers without requiring any local access.

agent/references
agent/type
agent/remedy
agent/weakness
agent/severity
agent/author
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/mediawiki
canonical/wikimedia mediawiki
version/wikimedia mediawiki/1.23.11
version/wikimedia mediawiki/1.24.0
version/wikimedia mediawiki/1.24.1
version/wikimedia mediawiki/1.24.2
version/wikimedia mediawiki/1.24.3
version/wikimedia mediawiki/1.24.4
version/wikimedia mediawiki/1.25.0
version/wikimedia mediawiki/1.25.1
version/wikimedia mediawiki/1.25.2
version/wikimedia mediawiki/1.25.3
version/wikimedia mediawiki/1.26.0

Frequently Asked Questions

What is the severity of CVE-2015-8628?
CVE-2015-8628 is classified as a high severity vulnerability due to its potential to expose sensitive user login information.
Which versions of MediaWiki are affected by CVE-2015-8628?
CVE-2015-8628 affects MediaWiki versions prior to 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1.
How do I fix CVE-2015-8628?
To fix CVE-2015-8628, upgrade MediaWiki to the latest version that is not vulnerable.
What kind of information can be obtained through CVE-2015-8628?
CVE-2015-8628 allows attackers to obtain sensitive user login information by exploiting vulnerable pages.
Can CVE-2015-8628 be exploited remotely?
Yes, CVE-2015-8628 can be exploited by remote attackers without requiring any local access.

CVE-2015-8628: Infoleak

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-8628?

Which versions of MediaWiki are affected by CVE-2015-8628?

How do I fix CVE-2015-8628?

What kind of information can be obtained through CVE-2015-8628?

Can CVE-2015-8628 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-8628?

Which versions of MediaWiki are affected by CVE-2015-8628?

How do I fix CVE-2015-8628?

What kind of information can be obtained through CVE-2015-8628?

Can CVE-2015-8628 be exploited remotely?