4 matches found
CVE-2025-53483
ArchivePage.php, UnarchivePage.php, and VoterEligibilityPageexecuteClear do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42....
CVE-2025-53483
ArchivePage.php, UnarchivePage.php, and VoterEligibilityPageexecuteClear do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42....
CVE-2025-53483
The CVE-2025-53483 issue affects the MediaWiki SecurePoll extension and is triggered by pages ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage::executeClear() not validating request methods or CSRF tokens. The vulnerability enables CSRF to trigger sensitive admin actions when an admin...
CVE-2025-53483 SecurePoll: Multiple admin actions vulnerable to Cross-Site Request Forgery
ArchivePage.php, UnarchivePage.php, and VoterEligibilityPageexecuteClear do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42....