CVE-2023-37305
CVSS Score of 10 (low)
Details
Summary
CVE-2023-37305 is a vulnerability discovered in the ProofreadPage extension for MediaWiki through version 1.39.3. The issue exists in the PageContentHandler.php and PageDisplayHandler.php files, where hidden users can be exposed via public interfaces. This vulnerability affects multiple products, including Xz2hff, Xz2hfe, Xz2hf_, and Xz2hf8, among others. To remediate this vulnerability, it is recommended to update the ProofreadPage extension to version 1.39.4 or later. The potential danger posed by this vulnerability to an organization is rated as medium severity, with a CVSS base score of 5.3 out of 10.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions