CVE-2022-39193

Source
https://cve.org/CVERecord?id=CVE-2022-39193
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39193.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-39193
Aliases
Published
2023-01-20T00:00:00Z
Modified
2026-07-15T01:48:51.253162622Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various components of this extension can expose information on the performer of edits and logged actions. This information should not allow public viewing: it is supposed to be viewable only by users with suppression rights.

Database specific
{
    "cna_assigner": "mitre",
    "unresolved_ranges": [
        {
            "source": "DESCRIPTION",
            "extracted_events": [
                {
                    "fixed": "1.39.x"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/39xxx/CVE-2022-39193.json"
}
References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type
GIT
Repo
https://github.com/wikimedia/mediawiki
Events
Database specific
{
    "source": "CPE_STRING",
    "extracted_events": [
        {
            "introduced": "1.39.0-NA"
        },
        {
            "last_affected": "1.39.0-NA"
        },
        {
            "introduced": "1.39.1"
        },
        {
            "last_affected": "1.39.1"
        }
    ],
    "cpe": [
        "cpe:2.3:a:mediawiki:mediawiki:1.39.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:mediawiki:mediawiki:1.39.1:*:*:*:*:*:*:*"
    ]
}

Affected versions

1.*
1.39.0
1.39.0-NA
1.39.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39193.json"