VDB
DEBIAN-CVE-2010-2787
DEBIAN-CVE-2010-2787
PUBLISHED
CVSS 6.900000095367432 MEDIUM
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by a victim.
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | mediawiki | 0, 0, 0 |
| Debian:13 | mediawiki | 0, 0, 0 |
| Debian:12 | mediawiki | 0, 0, 0 |
| Debian:11 | mediawiki | 0, 0, 0 |
Timeline
- Apr 27, 2011 CVE Published
- Apr 28, 2026 CVE Updated