Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2021-30153

An issue was discovered in the VisualEditor extension in MediaWiki before 1.31.13, and 1.32.x through 1.35.x before 1.35.2. . When using VisualEditor to edit a MediaWiki user page belonging to an existing, but hidden, user, VisualEditor will disclose that the user exists. (It shouldn't because they are hidden.) This is related to ApiVisualEditor.

  • Published: Apr 15, 2023
  • Updated: Apr 26, 2023
  • CVE: CVE-2021-30153
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

Software From Fixed in
mediawiki / mediawiki 1.32.0 1.35.2
mediawiki / mediawiki - 1.31.13