11 matches found
EUVD-2020-23292
Malware in sbrugna...
CVE-2020-35626
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php...
BIT-MEDIAWIKI-2020-35626
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php...
MediaWiki Cross-Site Request Forgery Vulnerability (CNVD-2020-73499)
MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A cross-site request forgery vulnerability exists in MediaWiki version 1.35.1...
CVE-2020-35626
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php...
CVE-2020-35626
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php...
Cross site request forgery (csrf)
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php...
CVE-2020-35626
Technical details about CVE-2020-35626 are not publicly provided in the supplied documents. Monitoring for updates is advised.
CVE-2020-35626
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php...
MediaWiki 跨站请求伪造漏洞
MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A cross-site request forgery vulnerability exists in MediaWiki version 1.35.1...
PT-2020-17373 · Mediawiki +2 · Pushtowatch Extension +2
Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.1 PushToWatch extension for MediaWiki versions through 1.35.1 Description: An issue was discovered in the PushToWatch extension for MediaWiki. The primary form did not implement an anti-CSRF token, making it...