Lucene search
PRIOn knowledge basePRION:CVE-2013-4304HistoryJan 26, 2014 - 8:55 p.m.
Authentication flaw
2014-01-2620:55:00
PRIOn knowledge base
www.prio-n.com
1
The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 caches a valid CentralAuthUser object in the centralauth_User cookie even when a user has not successfully logged in, which allows remote attackers to bypass authentication without a password.
Related
nvd
nvd
CVE-2013-4304
2014-01-26 20:55:04
cvelist
cvelist
CVE-2013-4304
2014-01-26 20:00:00
cve
cve
CVE-2013-4304
2014-01-26 20:55:04
nessus
nessus
MediaWiki < 1.19.8 / 1.20.7 / 1.21.2 Multiple Vulnerabilities
2013-10-03 00:00:00
GLSA-201310-21 : MediaWiki: Multiple vulnerabilities
2013-10-29 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201310-21
2015-09-29 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2013-10-28 00:00:00