← Back

CVE-2008-5688

nvd nist
Published: Dec 19, 2008Modified: Apr 23, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:P/I:N/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.

Affected (33)

Products: Mediawiki: Mediawiki
Mediawiki
1 product
Mediawiki
Configuration A
33 vulnerable
Vulnerable SoftwareAffected Versions
Mediawiki
Mediawiki
Version 1.10.0
Mediawiki
Version 1.10.0 rc1
Mediawiki
Version 1.10.0 rc2
Mediawiki
Version 1.10.1
Mediawiki
Version 1.10.2
Mediawiki
Version 1.10.3
Mediawiki
Version 1.10.4
Mediawiki
Version 1.11.1
Mediawiki
Version 1.11.2
Mediawiki
Version 1.11
Mediawiki
Version 1.11 rc1
Mediawiki
Version 1.12.0
Mediawiki
Version 1.12.0 rc1
Mediawiki
Version 1.12.1
Mediawiki
Version 1.12.2
Mediawiki
Version 1.12.3
Mediawiki
Version 1.13.0
Mediawiki
Version 1.13.0 rc1
Mediawiki
Version 1.13.0 rc2
Mediawiki
Version 1.13.1
Mediawiki
Version 1.13.2
Mediawiki
Version 1.8.1
Mediawiki
Version 1.8.2
Mediawiki
Version 1.8.3
Mediawiki
Version 1.8.4
Mediawiki
Version 1.8.5
Mediawiki
Version 1.9.0
Mediawiki
Version 1.9.1
Mediawiki
Version 1.9.2
Mediawiki
Version 1.9.3
Mediawiki
Version 1.9.4
Mediawiki
Version 1.9.5
Mediawiki
Version 1.9.6

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.