CVE-2017-0362

Опубликовано: 13 апр. 2018

Источник: debian

Описание

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.

Пакет	Статус	Версия исправления	Релиз	Тип
mediawiki	fixed	1:1.27.2-1		package
mediawiki	end-of-life		wheezy	package

CVE-2017-0362

CVSS3: 8.8

ubuntu

почти 8 лет назад

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.

CVE-2017-0362

CVSS3: 4.3

redhat

больше 9 лет назад

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.

CVE-2017-0362

CVSS3: 8.8

nvd

почти 8 лет назад

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.

GHSA-wqmj-qf48-v44w

CVSS3: 8.8

github

больше 3 лет назад

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.