← Back

CVE-2008-5687

nvd nist
Published: Dec 19, 2008Modified: Apr 23, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.

Affected (14)

Products: Mediawiki: Mediawiki
Mediawiki
1 product
Mediawiki
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Mediawiki
Mediawiki
Version 1.11.1
Mediawiki
Version 1.11.2
Mediawiki
Version 1.11
Mediawiki
Version 1.11 rc1
Mediawiki
Version 1.12.0
Mediawiki
Version 1.12.0 rc1
Mediawiki
Version 1.12.1
Mediawiki
Version 1.12.2
Mediawiki
Version 1.12.3
Mediawiki
Version 1.13.0
Mediawiki
Version 1.13.0 rc1
Mediawiki
Version 1.13.0 rc2
Mediawiki
Version 1.13.1
Mediawiki
Version 1.13.2

Related CWEs

CWE-264
CWE-264

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.