Security bugs

From MediaWiki.org
Jump to navigation Jump to search
Bug Details Introduced Fixed Affected versions
bug 40995 (CVE-2012-5391) Session fixation in Special:UserLogin ? 1.20.1, 1.21 All previous versions (?)
bug 43518 A sysop can obtain the password hashes and private email addressof other users. r83855 (0a8a3b45) 1.19.3, 1.20.3, 1.21 1.18, 1.19, 1.20.0, 1.20.1, 1.20.2
bug 45355 Read of arbitrary files under certain circumstances. ab59fadb 1.20.3 / 1.21 1.20.0, 1.20.1, 1.20.2