The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-09-09T21:00:00Z

Updated: 2024-08-06T19:01:02.555Z

Reserved: 2012-03-12T00:00:00Z

Link: CVE-2012-1579

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-09-09T21:55:06.010

Modified: 2024-11-21T01:37:14.847

Link: CVE-2012-1579

cve-icon Redhat

No data.