Ubuntu Security Update USN-8315-1: MediaWiki vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,771
Reaction score
74
Credits
-1,257
It was discovered that MediaWiki incorrectly handled group membership visibility in the OATHAuth extension. An authenticated attacker could use this issue to determine if other users had two-factor authentication enabled. (CVE-2026-34087) It was discovered that MediaWiki incorrectly handled suppressed log entry titles in the RecentChanges list. An unauthenticated attacker could use this issue to view titles of deleted or suppressed pages that should be hidden. (CVE-2026-34088) It was discovered that MediaWiki incorrectly handled resource loading timing information. An attacker could use this issue to determine if certain pages existed on a wiki. (CVE-2026-34092)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8228-1: Exim vulnerabilities
Replies
0
Views
122
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8136-1: Dovecot vulnerabilities
Replies
0
Views
169
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8136-2: Dovecot regression
Replies
0
Views
137
LinuxBot
LinuxBot
LinuxBot
Debian Security Update DSA-6208-1 mediawiki - security update
Replies
0
Views
100
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8304-1: Vim vulnerabilities
Replies
0
Views
99
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 2,879 (members: 8, guests: 2,871)

Latest posts

Top