The ApiBase::getWatchlistUser function in MediaWiki prior to 1.23.10, 1.24.x prior to 1.24.3, and 1.25.x prior to 1.25.2 does not perform token comparison in constant time, which allows remote malicious users to guess the watchlist token and bypass CSRF protection via a timing attack.
| Vulnerable Product |
|---|
| mediawiki mediawiki 1.24.1 |
| mediawiki mediawiki 1.24.2 |
| mediawiki mediawiki |
| mediawiki mediawiki 1.24.0 |
| mediawiki mediawiki 1.25.1 |
| mediawiki mediawiki 1.25.0 |