Lucene search
RootSSV:60365HistorySep 04, 2012 - 12:00 a.m.
MediaWiki 1.x 跨站请求伪造漏洞
2012-09-0400:00:00
Root
www.seebug.org
15
0.005 Low
EPSS
Percentile
76.0%
Bugtraq ID:55370
CVE ID: CVE-2012-4379
MediaWiki是一套以GPL授权发行的Wiki引擎。
当使用X-Frame-Options头时,MediaWiki存在跨站脚本攻击,允许攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作。
0
MediaWiki 1.x
厂商解决方案
MediaWiki 1.18.5或1.19.2已经修复此漏洞,建议用户下载使用:
http://wikipedia.sourceforge.net/
Related
cve
cve
CVE-2012-4379
2017-10-19 21:29:00
nvd
nvd
CVE-2012-4379
2017-10-19 21:29:00
debiancve
debiancve
CVE-2012-4379
2017-10-19 21:29:00
cvelist
cvelist
CVE-2012-4379
2017-10-19 21:00:00
prion
prion
Design/Logic Flaw
2017-10-19 21:29:00
ubuntucve
ubuntucve
CVE-2012-4379
2017-10-19 00:00:00
openvas
openvas
MediaWiki Multiple Vulnerabilities (Aug 2012) - Windows
2017-11-08 00:00:00
MediaWiki Multiple Vulnerabilities (Aug 2012) - Linux
2017-11-08 00:00:00
FreeBSD Ports: mediawiki
2012-09-07 00:00:00
nessus
nessus
FreeBSD : mediawiki -- multiple vulnerabilities (7c0fecd6-f42f-11e1-b17b-000c2977ec30)
2012-09-04 00:00:00
MediaWiki < 1.18.5 / 1.19.2 Multiple Vulnerabilities
2012-09-27 00:00:00
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2012-08-27 00:00:00