CVE-2024-40597

State: PUBLISHED · Published: 2024-07-06 · Updated: 2024-08-02 · Assigner: mitre

Description

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. (The log_deleted attribute is not respected.)

CWE

CWE-200 — CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Affected

n/a / n/a — v=n/a [affected]

CVSS

(none)

References

https://phabricator.wikimedia.org/T326865

Source

cvelistV5-main/cves/2024/40xxx/CVE-2024-40597.json