6 matches found
CVE-2013-4572
The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user...
CVE-2013-4572
The CVE-2013-4572 issue affects MediaWiki's CentralNotice extension and is caused by an incorrect Cache-Control header configuration that caches session cookies when a user is autocreated. Affected versions are MediaWiki CentralNotice before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3....
[SECURITY] [DSA 2891-2] mediawiki regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-2891-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 31, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2891-1] mediawiki security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2891-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 30, 2014 http://www.debian.org/security/faq -...
Updated mediawiki packages fix security vulnerabilities
Updated mediawiki packages fix security vulnerabilities: Kevin Israel Wikipedia user PleaseStand identified and reported two vectors for injecting Javascript in CSS that bypassed MediaWiki's blacklist CVE-2013-4567, CVE-2013-4568. Internal review while debugging a site issue discovered that...
Fedora Update for mediawiki FEDORA-2013-21874
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...