The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user.
[
{
"product": "MediaWiki",
"vendor": "Wikimedia Foundation",
"versions": [
{
"status": "affected",
"version": "before 1.19.9"
},
{
"status": "affected",
"version": "1.20.x before 1.20.8"
},
{
"status": "affected",
"version": "1.21.x before 1.21.3"
}
]
}
]