11 matches found
Mageia: Security Advisory (MGASA-2014-0157)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ MDVSA-2014:083 ] mediawiki
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:083 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : May 8, 2014 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix security vulnerabilities: Login CSRF...
Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:083)
Updated mediawiki packages fix security vulnerabilities : Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the user's activity CVE-2014-2665. XSS vulnerability in...
CVE-2014-2665
includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information ...
CVE-2014-2665
CVE-2014-2665 affects MediaWiki; vulnerable are builds with includes/specials/SpecialChangePassword.php prior to specific fixes. The issue arises when an authenticated user makes a login attempt that can be exploited to have a victim log in to the attacker’s account, enabling the attacker to trac...
Fedora Update for mediawiki FEDORA-2014-4478
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for mediawiki FEDORA-2014-4511
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : mediawiki-1.21.8-1.fc20 (2014-4478)
bug 62497 SECURITY: Add CSRF token on Special:ChangePassword. - bug 62467 Set a title for the context during import on the cli. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...
MediaWiki 'Special:ChangePassword'跨站请求伪造漏洞
Bugtraq ID:66600 CVE ID:CVE-2014-2665 MediaWiki是一款Wiki程序。 MediaWiki 'Special:ChangePassword'存在跨站请求伪造漏洞,允许远程攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作。 0 MediaWiki 1.22.5 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: https://bugzilla.wikimedia.org/showbug.cgi?id=62497...
Updated mediawiki packages fix CVE-2014-2665
Updated mediawiki packages fix security vulnerability: Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the user's activity CVE-2014-2665. MediaWiki has been...
MGASA-2014-0157 Updated mediawiki packages fix CVE-2014-2665
Updated mediawiki packages fix security vulnerability: Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the user's activity CVE-2014-2665. MediaWiki has been...