{"id":"CVE-2018-0504","details":"Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains an information disclosure flaw in the Special:Redirect/logid","aliases":["GHSA-hr8v-f4g2-p66f"],"modified":"2026-04-16T06:26:20.374524400Z","published":"2018-10-04T20:29:00.513Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3238"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3813"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4301"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1041695"},{"type":"FIX","url":"https://lists.wikimedia.org/pipermail/wikitech-l/2018-September/090849.html"},{"type":"FIX","url":"https://phabricator.wikimedia.org/T187638"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wikimedia/mediawiki","events":[{"introduced":"5cfc9accca2cc2fb94060c309d562913b7bed57c"},{"fixed":"a4c806563471b16c644186618b39b84069c0d04c"},{"introduced":"0"},{"last_affected":"5eda979890704fa8974f3ee9df6a67175a0f78e7"},{"introduced":"0"},{"last_affected":"0e704369adf97f85d71006060bda1c0f9315e75a"},{"introduced":"0"},{"last_affected":"a0b31d95610c8f415a2cc29349cdbf14c23c7d4b"}],"database_specific":{"versions":[{"introduced":"1.31.0"},{"fixed":"1.31.1"},{"introduced":"0"},{"last_affected":"1.27.5"},{"introduced":"0"},{"last_affected":"1.29.3"},{"introduced":"0"},{"last_affected":"1.30.1"}]}}],"versions":["1.1.0","1.27.0","1.27.0-rc.0","1.27.0-rc.1","1.27.1","1.27.2","1.27.3","1.27.4","1.27.5","1.29.0","1.29.0-rc.0","1.29.0-rc.1","1.29.1","1.29.2","1.29.3","1.3.0beta1","1.30.0","1.30.0-rc.0","1.30.1","1.31.0","1.5.0alpha1","1.5.0alpha2","1.5.0beta1","1.5.0beta2","1.5.0beta3","1.5.0beta4","1.6.0","REL1_29"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-0504.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}