Moderate severity · NVD Advisory · Published Jul 10, 2019 · Updated Aug 4, 2024

CVE-2019-12469

Description

MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

MediaWiki through 1.32.1 exposes suppressed usernames and log entries in Special:EditTags due to incorrect access control.

Vulnerability Overview

CVE-2019-12469 is an information disclosure vulnerability in MediaWiki (up to version 1.32.1) affecting the Special:EditTags interface. The bug allows users with appropriate rights (in practice, any logged-in user who can edit tags) to view suppressed (hidden) usernames and suppressed log entries that should be restricted under the MediaWiki suppression system. The root cause is incorrect access control: when viewing or editing tags of log entries, the interface hard-codes suppressed usernames into links and does not properly enforce access checks on suppressed log entries [1][3].

Exploitation Steps

An attacker can exploit this by accessing Special:Log (e.g., the block log), locating a log entry whose username has been suppressed (via hideuser), clicking the "Edit tags of selected log entries" button, and then clicking the "Logs" link on the resulting page. This reveals the suppressed username in the URL and interface. Additionally, an attacker can manually craft a request with a specific log ID (e.g., by incrementing/decrementing log IDs) to access suppressed log entries that should be hidden [3]. No authentication beyond a standard user account with edit-tags rights is required.

Impact

A successful exploit leaks sensitive information: suppressed usernames (e.g., from revision deletions or blocks) and the details of log entries that are restricted via the $wgLogRestrictions setting or the log_deleted database field. This undermines the privacy protections MediaWiki intended for deleted or suppressed content [1][3].

Mitigation

The vulnerability is fixed in MediaWiki 1.32.2, 1.31.2, 1.30.2, and 1.27.6 [2]. Debian provided a security update (DSA-4460-1) covering this and other issues [4]. Users should upgrade immediately; note that versions 1.30 and 1.27 reached end-of-life and will not receive further security updates after these releases [2].

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
mediawiki/core (Packagist) | >= 1.27.0, < 1.27.6 | 1.27.6
mediawiki/core (Packagist) | >= 1.30.0, < 1.30.2 | 1.30.2
mediawiki/core (Packagist) | >= 1.31.0, < 1.31.2 | 1.31.2
mediawiki/core (Packagist) | >= 1.32.0, < 1.32.2 | 1.32.2
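
A version check built from the affected ranges in the table above and the "through 1.32.1" wording of the description, added here as an example; it is not part of the advisory or of MediaWiki. The function names, status labels and sample inventory are constructed for illustration.

```python
import re

# Ranges copied from the "Affected packages" table: branch -> first fixed release.
FIXED = {(1, 27): (1, 27, 6), (1, 30): (1, 30, 2),
         (1, 31): (1, 31, 2), (1, 32): (1, 32, 2)}
# The description says "through 1.32.1", so this is the last affected version overall.
LAST_AFFECTED = (1, 32, 1)


def parse_version(text):
    """Parse a plain 'X.Y.Z' version string into a tuple of ints."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        # Pre-release or vendor-suffixed strings need manual review, so refuse them.
        raise ValueError(f"unrecognised MediaWiki version: {text!r}")
    return tuple(int(p) for p in m.groups())


def fmt(version):
    return ".".join(str(p) for p in version)


def assess(version_text):
    """Return (status, detail) for one installed MediaWiki version string."""
    v = parse_version(version_text)
    fixed = FIXED.get(v[:2])
    if fixed is not None:
        if v >= fixed:
            return "patched", f"at or above {fmt(fixed)}"
        return "affected", f"upgrade to {fmt(fixed)} or later"
    if v <= LAST_AFFECTED:
        # Inside the description's range, but the table lists no fixed release
        # for this branch, so there is nothing to upgrade to within the branch.
        return "affected-no-branch-fix", "move to a branch with a fixed release"
    return "not-listed", "newer than the range in the description (through 1.32.1)"


if __name__ == "__main__":
    # Constructed inventory: host label -> version as shown on Special:Version.
    inventory = {"wiki-a": "1.31.1", "wiki-b": "1.32.2",
                 "wiki-c": "1.29.3", "wiki-d": "1.33.0"}
    for host, version in inventory.items():
        status, detail = assess(version)
        print(f"{host}: {version} -> {status} ({detail})")
```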
