CVE-2017-0361
Description
Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext.
CWE
- (none)
Affected
- mediawiki / mediawiki — v=n/a [affected]
CVSS
- (none)
References
- https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html mailing-list, x_refsource_MLIST
- https://security-tracker.debian.org/tracker/CVE-2017-0361 x_refsource_CONFIRM
- https://phabricator.wikimedia.org/T125177 x_refsource_CONFIRM
- http://www.securitytracker.com/id/1039812 vdb-entry, x_refsource_SECTRACK
Source
cvelistV5-main/cves/2017/0xxx/CVE-2017-0361.json