Lucene search
RedhatCVELIST:CVE-2013-4572HistoryFeb 06, 2020 - 2:40 p.m.
CVE-2013-4572
2020-02-0614:40:13
redhat
www.cve.org
The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user.
CNA Affected
[
{
"product": "MediaWiki",
"vendor": "Wikimedia Foundation",
"versions": [
{
"status": "affected",
"version": "before 1.19.9"
},
{
"status": "affected",
"version": "1.20.x before 1.20.8"
},
{
"status": "affected",
"version": "1.21.x before 1.21.3"
}
]
}
]Related
prion
prion
Privilege escalation
2020-02-06 15:15:00
nvd
nvd
CVE-2013-4572
2020-02-06 15:15:10
cve
cve
CVE-2013-4572
2020-02-06 15:15:10
ubuntucve
ubuntucve
CVE-2013-4572
2020-02-06 00:00:00
debiancve
debiancve
CVE-2013-4572
2020-02-06 15:15:10
nessus
nessus
Mandriva Linux Security Advisory : mediawiki (MDVSA-2013:290)
2013-12-18 00:00:00
Fedora 19 : mediawiki-1.21.3-1.fc19 (2013-21856)
2013-12-02 00:00:00
Fedora 20 : mediawiki-1.21.3-1.fc20 (2013-22047)
2013-12-14 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0368)
2022-01-28 00:00:00
Fedora Update for mediawiki FEDORA-2013-21856
2013-12-03 00:00:00
Fedora Update for mediawiki FEDORA-2013-21856
2013-12-03 00:00:00
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2013-12-13 02:21:01
securityvulns
securityvulns
[ MDVSA-2013:290 ] mediawiki
2014-01-09 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mediawiki-1.21.3-1.fc19
2013-12-02 09:35:57
[SECURITY] Fedora 20 Update: mediawiki-1.21.3-1.fc20
2013-12-14 03:35:07
[SECURITY] Fedora 18 Update: mediawiki-1.19.9-1.fc18
2013-12-02 09:33:22
debian
debian
[SECURITY] [DSA 2891-1] mediawiki security update
2014-03-30 09:25:39
[SECURITY] [DSA 2891-2] mediawiki regression update
2014-03-31 17:07:21
[SECURITY] [DSA 2891-3] mediawiki regression update
2014-04-04 18:02:59
osv
osv
mediawiki - security update
2014-03-30 00:00:00