Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki prior to 1.19.9, 1.20.x prior to 1.20.8, and 1.21.x prior to 1.21.3 allows remote malicious users to hijack the authentication of users for requests that login via vectors involving image loading.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.20.7 |
||
mediawiki mediawiki 1.20.5 |
||
mediawiki mediawiki 1.20 |
||
mediawiki mediawiki 1.20.4 |
||
mediawiki mediawiki 1.20.3 |
||
mediawiki mediawiki 1.20.2 |
||
mediawiki mediawiki 1.20.1 |
||
mediawiki mediawiki 1.20.6 |
||
mediawiki mediawiki 1.21 |
||
mediawiki mediawiki 1.21.2 |
||
mediawiki mediawiki 1.21.1 |
||
mediawiki mediawiki 1.19.5 |
||
mediawiki mediawiki 1.19.3 |
||
mediawiki mediawiki |
||
mediawiki mediawiki 1.19.7 |
||
mediawiki mediawiki 1.19.6 |
||
mediawiki mediawiki 1.19.1 |
||
mediawiki mediawiki 1.19.0 |
||
mediawiki mediawiki 1.19 |
||
mediawiki mediawiki 1.19.4 |
||
mediawiki mediawiki 1.19.2 |