CVE-2008-5687

Description

MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.

How to fix CVE-2008-5687

To remediate CVE-2008-5687, upgrade the affected package to a fixed version below.

• Debian/mediawiki—upgrade to 1:1.13.3-1 or later

Is CVE-2008-5687 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1:1.13.3-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-5687