Required CVE Record Information
Description
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.
References 3 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- lists.wikimedia.org: [wikitech-l] 20180920 Security release: 1.27.5 / 1.29.3 / 1.30.1 / 1.31.1 mailing-listx_transferred
- securitytracker.com: 1041695 vdb-entryx_transferred
- https://phabricator.wikimedia.org/T199029 x_transferred