BID:58304

MediaWiki 'mwdoc-filter.php' Information Disclosure Vulnerability

Info

MediaWiki 'mwdoc-filter.php' Information Disclosure Vulnerability

Bugtraq ID:	58304
Class:	Design Error
CVE:	CVE-2013-1818
Remote:	Yes
Local:	No
Published:	Feb 25 2013 12:00AM
Updated:	Nov 01 2013 01:11AM
Credit:	Platonides
Vulnerable:	Gentoo Linux

Not Vulnerable:

Discussion

MediaWiki 'mwdoc-filter.php' Information Disclosure Vulnerability

MediaWiki is prone to an information-disclosure vulnerability.

Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.

Versions prior to MediaWiki 1.20.3 are vulnerable.

Exploit / POC

MediaWiki 'mwdoc-filter.php' Information Disclosure Vulnerability

Attackers can use a browser to exploit this issue.

Solution / Fix

MediaWiki 'mwdoc-filter.php' Information Disclosure Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

References

MediaWiki 'mwdoc-filter.php' Information Disclosure Vulnerability

References: