First published: Fri Mar 31 2023(Updated: )
An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3. Attackers might be able to see edits for which the username has been hidden, because there is no check for rev_deleted.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MediaWiki MediaWiki | <=1.39.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2023-29140.
The title of the vulnerability is 'An issue was discovered in the GrowthExperiments extension for MediaWiki through 1.39.3.'
The affected software is MediaWiki through version 1.39.3.
The severity of the vulnerability is medium with a CVSS score of 5.3.
Attackers might be able to see edits for which the username has been hidden, because there is no check for rev_deleted.