Home > Vulnerability Database > CVE-2023-45369

Mend.io Vulnerability Database

CVE-2023-45369

Date: October 9, 2023

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed.

Language: PHP

Severity Score

4.3

Related Resources (4)

Url: https://gerrit.wikimedia.org/r/c/mediawiki/extensions/PageTriage/+/960676

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-45369

Url: https://phabricator.wikimedia.org/T344359

Url: https://www.mend.io/vulnerability-database/CVE-2023-45369

Severity Score

4.3

Weakness Type (CWE)

Incorrect Permission Assignment for Critical Resource

CWE-732

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-45369

Date: October 9, 2023

Language: PHP

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?