Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-eufd-erhj-bubj |
|---|
| Summary | Improper permissions handling in MediaWiki AbuseFilter
An issue was discovered in the AbuseFilter extension for MediaWiki before 1.39.9, 1.40.x and 1.41.x before 1.41.3, and 1.42.x before 1.42.2. An API caller can match a filter condition against AbuseFilter logs even if the caller is not authorized to view the log details for the filter. |
|---|
| Aliases |
| 0 |
|
| 1 |
| alias |
GHSA-rmcp-9fhq-58pv |
|
|
|---|
| Fixed_packages |
|
|---|
| Affected_packages |
|
|---|
| References |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-47913 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71704 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71643 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71661 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71634 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71674 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71684 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71708 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71691 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71673 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71717 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00685 |
| scoring_system |
epss |
| scoring_elements |
0.71723 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-47913 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
|---|
| Weaknesses |
| 0 |
| cwe_id |
532 |
| name |
Insertion of Sensitive Information into Log File |
| description |
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information. |
|
| 1 |
| cwe_id |
937 |
| name |
OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities |
| description |
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013. |
|
| 2 |
| cwe_id |
1035 |
| name |
OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities |
| description |
Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017. |
|
|
|---|
| Exploits |
|
|---|
| Severity_range_score | 4.0 - 6.9 |
|---|
| Exploitability | 0.5 |
|---|
| Weighted_severity | 6.2 |
|---|
| Risk_score | 3.1 |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-eufd-erhj-bubj |
|---|