CVE-2022-47927
Description
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. When installing with a pre-existing data directory that has weak permissions, the SQLite files are created with file mode 0644, i.e., world readable to local users. These files include credentials data.
Related CPE's
References
Mailing ListPatchRelease NotesVendor Advisory
ExploitIssue TrackingPatchVendor Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics