3 matches found
Gentoo Security Advisory GLSA 201310-21
Gentoo Linux Local Security Checks GLSA 201310-21 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
CVE-2013-4304
The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 caches a valid CentralAuthUser object in the centralauthUser cookie even when a user has not successfully logged in, which allows remote attackers to bypass authentication without a passwo...
CVE-2013-4304
The CVE-2013-4304 issue affects MediaWiki with the CentralAuth extension, where CentraAuthUser is cached in centralauth_User even if the user has not logged in, allowing remote authentication bypass. Affected versions are MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.2...