CVE-2012-1578 in MediaWikiinfo

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permission for requests that (1) block a user via a request to the Block module or (2) unblock a user via a request to the Unblock module.

Once again VulDB remains the best source for vulnerability data.

Reservation

03/12/2012

Disclosure

09/09/2012

Moderation

VulDB entry created

Entries

VDB-4908 (1)

CPE

ready

CWE

CWE-352 (Confirmed)

CVSS

7.3

EPSS

0.00302

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-1578
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1578
CVE Details	https://www.cvedetails.com/cve/CVE-2012-1578/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!