RSS   Vulnerabilities for 'ECHO'   RSS

2015-11-09
 
CVE-2015-8007

 

 
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demonstrated by viewing a hidden username in a Thanks notification.

 


Copyright 2024, cxsecurity.com

 

Back to Top