CVE-2016-6332
MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1, when $wgBlockDisablesLogin is true, might allow remote attackers to obtain sensitive information by leveraging failure to terminate sessions when a user account is blocked.
| Software | From | Fixed in |
|---|---|---|
| mediawiki / mediawiki | 1.26.4 | 1.26.4.x |
| mediawiki / mediawiki | - | 1.23.14.x |
| mediawiki / mediawiki | 1.26.3 | 1.26.3.x |
| mediawiki / mediawiki | 1.27.0 | 1.27.0.x |
| mediawiki / mediawiki | 1.26.1 | 1.26.1.x |
| mediawiki / mediawiki | 1.26.0 | 1.26.0.x |
| mediawiki / mediawiki | 1.26.2 | 1.26.2.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime