MediaWiki Cross-Site Request Forgery Vulnerability (CNVD-2022-68883)

2022-05-1600:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

29.8%

JSON

MediaWiki is a free and free-to-use web-based wiki engine from the MediaWiki Foundation in the United States. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.37.2 and earlier, which stems from a cross-site request forgery in UserBoxes in the FanBox extension. An attacker could use this vulnerability to send unauthorized requests.

CPENameOperatorVersion
mediawiki mediawikile1.37.2

CPE	Name	Operator	Version
	mediawiki mediawiki	le	1.37.2

0.001 Low

EPSS

Percentile

29.8%

JSON

Related for CNVD-2022-68883