[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-2041-1 mediawiki -- CSRF

ID: oval:org.secpod.oval:def:600158Date: (C)2011-01-28   (M)2023-02-20
Class: PATCHFamily: unix




It was discovered that mediawiki, a website engine for collaborative work, is vulnerable to a Cross-Site Request Forgery login attack, which could be used to conduct phishing or similar attacks to users via affected mediawiki installations. Note that the fix used breaks the login API and may require clients using it to be updated. For the stable distribution , this problem has been fixed in version 1:1.12.0-2lenny5. For the testing distribution and the unstable distribution , this problem has been fixed in version 1:1.15.3-1. We recommend that you upgrade your mediawiki packages.

Platform:
Debian 5.0
Product:
mediawiki
Reference:
DSA-2041-1
CVE-2010-1150
CVE    1
CVE-2010-1150
CPE    1
cpe:/o:debian:debian_linux:5.0

© SecPod Technologies