CVE-2024-40596

July 7, 2024, 12:15 a.m.

Tags

cve@mitre.org
2024-07-07
CVE-2024-40596

Product(s) Impacted

MediaWiki CheckUser extension

  • up to 1.42.1

Description

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. (TimelineService does not support properly suppressing.)

Weaknesses

Date

Published: July 7, 2024, 12:15 a.m.

Last Modified: July 7, 2024, 12:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://phabricator.wikimedia.org/T326866
cve@mitre.org