CVE-2013-4301

Priority
Description
includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x
before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote
attackers to obtain sensitive information via a "<" (open angle bracket)
character in the lang parameter to w/load.php, which reveals the
installation path in an error message.
Notes
mdeslaurubuntu packages have fixed paths. ignoring.
Package
Upstream:released (1:1.19.8+dfsg-1)
More Information

Updated: 2020-01-29 19:47:37 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)