[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-5241Date: (C)2014-08-23   (M)2023-12-22


The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with a restricted character set.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-59738
DSA-3011
MDVSA-2014:153
https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html
http://openwall.com/lists/oss-security/2014/08/14/5
http://advisories.mageia.org/MGASA-2014-0309.html
https://bugzilla.wikimedia.org/show_bug.cgi?id=68187

CPE    50
cpe:/a:mediawiki:mediawiki:1.21.10
cpe:/a:mediawiki:mediawiki:1.19.12
cpe:/a:mediawiki:mediawiki:1.19.13
cpe:/a:mediawiki:mediawiki:1.19.14
...
CWE    1
CWE-352
OVAL    3
oval:org.secpod.oval:def:601762
oval:org.secpod.oval:def:107388
oval:org.secpod.oval:def:107426

© SecPod Technologies