An issue was discovered in MediaWiki through 1.37.2. The SecurePoll extension allows a leak because sorting by timestamp is supported, https://phabricator.wikimedia.org/T298434 https://gerrit.wikimedia.org/r/q/I9d3b9a942ea71d777ec32121fa36262f549d283d https://gerrit.wikimedia.org/r/q/93758c4c13b972d240a6313e0472df1667118893
Created mediawiki tracking bugs for this issue: Affects: fedora-all [bug 2080822]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-28323