2 matches found
CVE-2019-15150
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function...
CVE-2019-15150
CVE-2019-15150 affects the MediaWiki OAuth2 Client extension prior to version 0.4. The vulnerability is a CSRF issue caused by the OAuth2 state parameter not being validated in the callback function. As described in the connected sources, this can allow an attacker to perform actions on behalf of...