Miggo Logo

CVE-2018-0504: Mediawiki information disclosure vulnerability

6.5

CVSS Score
3.0

Basic Information

EPSS Score
0.81191%
Published
5/13/2022
Updated
5/15/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
mediawiki/corecomposer>= 1.27.0, < 1.27.51.27.5
mediawiki/corecomposer>= 1.29.0, < 1.29.31.29.3
mediawiki/corecomposer>= 1.30.0, < 1.30.11.30.1
mediawiki/corecomposer>= 1.31.0, < 1.31.11.31.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper access control in log entry retrieval. Special:Redirect/logid's handler (SpecialRedirect::execute) used log IDs without verifying if the entry was hidden via revision deletion. The Phabricator task T187638 shows the fix involved adding permission checks (LogEventsList::userCan) and filtering deleted entries. LogEventsList::getLogEntryFromId likely failed to enforce these checks pre-patch, while SpecialRedirect's handler didn't validate() visibility before redirecting.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

M**i*wiki *.** ***or* *.**.*, *.**.*, *.**.* *n* *.**.* *ont*ins *n in*orm*tion *is*losur* *l*w in t** Sp**i*l:R**ir**t/lo*i*

Reasoning

T** vuln*r**ility st*ms *rom improp*r ****ss *ontrol in lo* *ntry r*tri*v*l. Sp**i*l:R**ir**t/lo*i*'s **n*l*r (`Sp**i*lR**ir**t::*x**ut*`) us** lo* I*s wit*out v*ri*yin* i* t** *ntry w*s *i***n vi* r*vision **l*tion. T** P***ri**tor t*sk T****** s*ow