Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2015-6728
HistorySep 01, 2015 - 12:00 a.m.

CVE-2015-6728

2015-09-0100:00:00
ubuntu.com
ubuntu.com
7

0.004 Low

EPSS

Percentile

73.9%

JSON

The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x
before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison
in constant time, which allows remote attackers to guess the watchlist
token and bypass CSRF protection via a timing attack.

Related

prion 1
cvelist 1
cve 1
debiancve 1
nessus 4
openvas 3
fedora 3
freebsd 1
gentoo 1
prion
prion
Cross site request forgery (csrf)
2015-09-01 14:59:00
cvelist
cvelist
CVE-2015-6728
2015-09-01 14:00:00
cve
cve
CVE-2015-6728
2015-09-01 14:59:06
debiancve
debiancve
CVE-2015-6728
2015-09-01 14:59:06
nessus
nessus
MediaWiki < 1.23.10 / 1.24.3 / 1.25.2 Multiple Vulnerabilities
2016-08-05 00:00:00
FreeBSD : mediawiki -- multiple vulnerabilities (6241b5df-42a1-11e5-93ad-002590263bf5)
2015-08-17 00:00:00
Fedora 23 : mediawiki-1.25.2-2.fc23 (2015-13920)
2015-08-31 00:00:00
openvas
openvas
MediaWiki Multiple Vulnerabilities (Sep 2015) - Windows
2017-03-09 00:00:00
MediaWiki Multiple Vulnerabilities (Sep 2015) - Linux
2017-03-09 00:00:00
Gentoo Security Advisory GLSA 201510-05
2015-11-08 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: mediawiki-1.25.2-2.fc23
2015-08-28 17:38:31
[SECURITY] Fedora 22 Update: mediawiki-1.25.2-2.fc22
2015-09-03 18:53:15
[SECURITY] Fedora 21 Update: mediawiki-1.24.3-1.fc21
2015-09-03 18:52:14
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2015-08-10 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2015-10-31 00:00:00

0.004 Low

EPSS

Percentile

73.9%

JSON
Related for UB:CVE-2015-6728
prion1cvelist1cve1debiancve1nessus4openvas3fedora3freebsd1gentoo1