2 matches found
CVE-2014-9276
Cross-site request forgery CSRF vulnerability in the Special:ExpandedTemplates page in MediaWiki before 1.19.22, 1.20.x through 1.22.x before 1.22.14, and 1.23.x before 1.23.7, when $wgRawHTML is set to true, allows remote attackers to hijack the authentication of users with edit permissions for...
CVE-2014-9276
CVE-2014-9276 is a CSRF vulnerability in the MediaWiki ExpandTemplates/related areas that affects 1.23.x before 1.23.7 and 1.22.x before 1.22.14, 1.20.x and earlier up to 1.19.22, when $wgRawHTML is true. The issue allows remote attackers to hijack the authentication of users with edit permission...