PKSA-fksz-ptgz-3jth Security Advisory
-
[HIGH] API responses for unpatrolled or (not) autopatrolled recent changes require privileges but may be cached publicly
PKSA-fksz-ptgz-3jth CVE-2019-12474 GHSA-2qrr-c2gh-pr35
Affected package: mediawiki/core
Affected version: >=1.27.0,<1.27.6|>=1.30.0,<1.30.2|>=1.31.0,<1.31.2|>=1.32.0,<1.32.2
Reported by:
GitHub, FriendsOfPHP/security-advisories