CVE-2019-16738

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16738

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16738.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2019-16738

Aliases

GHSA-7hwr-f745-5rwq

Downstream

DEBIAN-CVE-2019-16738

DSA-4545-1

UBUNTU-CVE-2019-16738

Related

MGASA-2019-0301

Published

2019-09-26T02:15:10.833Z

Modified

2025-11-14T09:21:43.933604Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type: GIT
Repo: https://github.com/wikimedia/mediawiki
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

a1742c4f4b2c331a44ba1d80bf1431ddfb9ef678

Affected versions

1.*

1.1.0

1.3.0beta1

1.33.0

1.33.0-rc.0

1.5.0alpha1

1.5.0alpha2

1.5.0beta1

1.5.0beta2

1.5.0beta3

1.5.0beta4

1.6.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16738.json"