Session fixation vulnerability in Special:UserLogin in MediaWiki prior to 1.18.6, 1.19.x prior to 1.19.3, and 1.20.x prior to 1.20.1 allows remote malicious users to hijack web sessions via the session_id.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.18.1 |
||
mediawiki mediawiki 1.18.2 |
||
mediawiki mediawiki 1.18.3 |
||
mediawiki mediawiki 1.18 |
||
mediawiki mediawiki 1.18.0 |
||
mediawiki mediawiki |
||
mediawiki mediawiki 1.18.4 |
||
mediawiki mediawiki 1.19 |
||
mediawiki mediawiki 1.19.1 |
||
mediawiki mediawiki 1.19.2 |
||
mediawiki mediawiki 1.20 |