Описание
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1:1.15.1-1ubuntu3 |
| hardy | released | 1:1.11.2-2ubuntu0.6 |
| jaunty | released | 1:1.13.3-1ubuntu2.3 |
| karmic | released | 1:1.15.0-1.1ubuntu0.3 |
| lucid | released | 1:1.15.1-1ubuntu2.1 |
| upstream | released | 1.15.4,1.16b3 |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form.
Cross-site request forgery (CSRF) vulnerability in the login interface ...
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form.
6.8 Medium
CVSS2