Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain sensitive "cross-site" information via the callback parameter in an API call for JavaScript Object Notation (JSON) formatted results.
Software | From | Fixed in |
---|---|---|
mediawiki / mediawiki | 1.11 | 1.11.x |
mediawiki / mediawiki | 1.11.1 | 1.11.1.x |