10 matches found
EUVD-2022-34213
Malicious code in bioql PyPI...
CVE-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
BIT-MEDIAWIKI-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
CVE-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
CVE-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
CVE-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
Cross site request forgery (csrf)
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
CVE-2022-29903
CVE-2022-29903 : In MediaWiki, the Private Domains extension up to 1.37.2 (before commit 1ad65d4c1c199b375ea80988d99ab51ae068f766) allows CSRF to edit pages that store the extension’s configuration. The attacker must trigger a POST to Special:PrivateDomains. A patch/fix is indicated by the commit...
CVE-2022-29903
The Private Domains extension for MediaWiki through 1.37.2 before 1ad65d4c1c199b375ea80988d99ab51ae068f766 allows CSRF for editing pages that store the extension's configuration. The attacker must trigger a POST request to Special:PrivateDomains...
PT-2022-19902 · Mediawiki +1 · Mediawiki Private Domains Extension +1
Name of the Vulnerable Software and Affected Versions: MediaWiki Private Domains extension versions through 1.37.2 Description: The issue allows for Cross-Site Request Forgery CSRF attacks, enabling an attacker to edit pages that store the extension's configuration. This can be achieved by...