2 matches found
CVE-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
CVE-2022-29903
CVE-2022-29903 : In MediaWiki, the Private Domains extension up to 1.37.2 (before commit 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF to edit pages that store the extension’s configuration. The attacker must trigger a POST to Special:PrivateDomains. A patch/fix is indicated by the commit...