Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-4572

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user...

7.5CVSS7.4AI score0.02142EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2013-0368)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.02142EPSS
Exploits0References5
OSV
OSV
added 2020/02/06 3:15 p.m.8 views

CVE-2013-4572

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user...

7.5CVSS7.5AI score
Exploits0References9
OSV
OSV
added 2020/02/06 3:15 p.m.0 views

DEBIAN-CVE-2013-4572

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user...

7.5CVSS7.4AI score0.02142EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/02/06 2:40 p.m.31 views

CVE-2013-4572

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user...

7.5CVSS7.5AI score0.02142EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/12/18 12:0 a.m.37 views

Mandriva Linux Security Advisory : mediawiki (MDVSA-2013:290)

Updated mediawiki packages fix security vulnerabilities : Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting JavaScript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. Internal review while debugging a site issue discovered that...

7.5CVSS7.2AI score0.02142EPSS
Exploits0References4
Mageia
Mageia
added 2013/12/12 10:21 p.m.42 views

Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. Internal review while debugging a site issue discovered that...

7.5CVSS2.1AI score0.02142EPSS
Exploits0References3
Rows per page
Query Builder