6 matches found
MediaWiki < 1.19.24 / 1.23.9 / 1.24.2 Multiple Vulnerabilities
According to its version number, the MediaWiki application running on the remote host is affected by the following vulnerabilities : - An input validation error exists related to handling API errors that allows reflected cross-site scripting attacks. CVE-2014-9714, CVE-2015-2941 - An input...
[ MDVSA-2015:200 ] mediawiki
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:200 http://www.mandriva.com/en/support/security/ Package : mediawiki Date : April 10, 2015 Affected: Business Server 1.0 Problem Description: Updated mediawiki packages fix security vulnerabilities: In...
CVE-2015-2940
Cross-site request forgery CSRF vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors...
CVE-2015-2940
Cross-site request forgery CSRF vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors...
CVE-2015-2940
CVE-2015-2940 is a CSRF flaw in the MediaWiki CheckUser extension that can allow a remote attacker to hijack a user’s session and retrieve sensitive information. The connected advisories corroborate this as part of multiple vulnerabilities affecting MediaWiki, with remediation guidance to upgrade...
CVE-2015-2940
Cross-site request forgery CSRF vulnerability in the CheckUser extension for MediaWiki allows remote attackers to hijack the authentication of certain users for requests that retrieve sensitive user information via unspecified vectors...