Description
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.
This vulnerability is associated with program files includes/Actions/InfoAction.Php.
This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.
This vulnerability is associated with program files includes/Actions/InfoAction.Php.
This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://phabricator.wikimedia.org/T427235 |
|
History
Wed, 01 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Actions/InfoAction.Php. This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9. | |
| Title | "Total number of distinct authors" statistic at action=info does not exclude revisions where the author name was deleted | |
| Weaknesses | CWE-200 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: wikimedia-foundation
Published:
Updated: 2026-07-01T15:48:16.722Z
Reserved: 2026-06-27T13:32:37.577Z
Link: CVE-2026-58033
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses