Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/06 6:25 p.m.21 views

CVE-2025-53483

ArchivePage.php, UnarchivePage.php, and VoterEligibilityPageexecuteClear do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42....

8.8CVSS6.5AI score0.00187EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 6:15 p.m.55 views

CVE-2025-53483

ArchivePage.php, UnarchivePage.php, and VoterEligibilityPageexecuteClear do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42....

8.8CVSS0.00187EPSS
Exploits0References3
CVE
CVE
added 2025/07/04 5:28 p.m.23 views

CVE-2025-53483

The CVE-2025-53483 issue affects the MediaWiki SecurePoll extension and is triggered by pages ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage::executeClear() not validating request methods or CSRF tokens. The vulnerability enables CSRF to trigger sensitive admin actions when an admin...

8.8CVSS6.5AI score0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/04 5:28 p.m.50 views

CVE-2025-53483 SecurePoll: Multiple admin actions vulnerable to Cross-Site Request Forgery

ArchivePage.php, UnarchivePage.php, and VoterEligibilityPageexecuteClear do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42....

0.00187EPSS
Exploits0References3
Rows per page
Query Builder