Lucene search
K

6 matches found

Prion
Prion
added 2019/07/10 3:15 p.m.16 views

Improper access control

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover...

7.5CVSS9.3AI score0.03427EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2019/07/10 3:15 p.m.31 views

CVE-2019-12467

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

5.3CVSS6.4AI score0.01263EPSS
Exploits0References3
Prion
Prion
added 2019/07/10 3:15 p.m.21 views

Improper access control

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

5CVSS6.2AI score0.01263EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2019/07/10 2:58 p.m.27 views

CVE-2019-12468

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover...

7.6AI score0.03427EPSS
Exploits0References5
Cvelist
Cvelist
added 2019/07/10 2:45 p.m.24 views

CVE-2019-12467

MediaWiki through 1.32.1 has Incorrect Access Control issue 1 of 3. A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

5.8AI score0.01263EPSS
Exploits0References4
Veracode
Veracode
added 2019/06/13 7:54 a.m.21 views

Authentication Bypass

mediawiki core is vulnerable to authentication bypass. The attacker can bypass reauthentication by directly making a POST request to Special:ChangeEmail...

9.8CVSS9.3AI score0.03427EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder