exploitDog

GHSA-3mq9-phgq-f2wv

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.

Ссылки

EPSS

Процентиль: 53%

0.00302

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2012-1578

ubuntu

больше 13 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.

CVE-2012-1578

nvd

больше 13 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.

CVE-2012-1578

debian

больше 13 лет назад

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWik ...

EPSS

Процентиль: 53%

0.00302

Низкий

CVE ID

Дефекты

CWE-352