CVE-2021-29483

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-29483
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29483.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-29483
Related
  • GHSA-jmc9-rv2f-g8vv
Published
2021-04-28T22:15:08.337Z
Modified
2026-03-15T22:40:14.128882Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' API leaked the value of private configuration variables set through the ManageWiki variable to all users. This has been patched by https://github.com/miraheze/ManageWiki/compare/99f3b2c8af18...befb83c66f5b.patch. If you are unable to patch set $wgAPIListModules['wikiconfig'] = 'ApiQueryDisabled'; or remove private config as a workaround.

References

Affected packages

Git / github.com/miraheze/managewiki

Affected ranges

Type
GIT
Repo
https://github.com/miraheze/managewiki
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
befb83c66f5b643e174897ea41a8a46679b26304
Type
GIT
Repo
https://github.com/miraheze/managewiki
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
befb83c66f5b643e174897ea41a8a46679b26304

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29483.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2021-04-28"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "the"
            }
        ]
    }
]