Untriaged
Complete content leak of private wikis due to PasswordReset Wikitext injection in error message
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLUserTextField.Php. This issue affects MediaWiki: from * through 1.39.12, 1.42.76 1.43.1, 1.44.0.
Affected products
MediaWiki
- =<1.39.12, 1.42.76 1.43.1, 1.44.0
Package maintainers
-
@SuperSandro2000 Sandro Jäckel <sandro.jaeckel@gmail.com>
-
@gshipunov Grigory Shipunov <blame@oxapentane.com>
-
@astro Astro <astro@spaceboyz.net>
-
@tanneberger Tassilo Tanneberger <revol-xut@protonmail.com>