Medium severity5.3NVD Advisory· Published Sep 26, 2019· Updated Jun 17, 2026
CVE-2019-16738
CVE-2019-16738
Description
In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mediawiki/corePackagist | >= 1.31.0, < 1.31.4 | 1.31.4 |
mediawiki/corePackagist | >= 1.32.0, < 1.32.4 | 1.32.4 |
mediawiki/corePackagist | >= 1.33.0, < 1.33.1 | 1.33.1 |
Affected products
6cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
12- phabricator.wikimedia.org/T230402nvdExploitIssue TrackingPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-7hwr-f745-5rwqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-16738ghsaADVISORY
- seclists.org/bugtraq/2019/Oct/32nvdMailing ListThird Party AdvisoryWEB
- www.debian.org/security/2019/dsa-4545nvdThird Party AdvisoryWEB
- github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2019-16738.yamlghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUOghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUO/nvdBroken Link
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6ghsaWEB
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6/nvdBroken Link
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7OMG3BMUHGWTAPYTK2NXM6CXF6FYLOUOghsaWEB
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBAOLXETM5BOYQG6OQVHGB2LNLZUXVN6ghsaWEB
News mentions
0No linked articles in our index yet.