CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
74.7%
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect
against the download of backups of deleted images, which might allow remote
attackers to obtain sensitive information via requests for files in
images/deleted/.
Author | Note |
---|---|
mdeslaur | from debian: the CVE id description is wrong, this is fixed in 1.13.3 |