CVEs affecting projects tracked on Release Alert, from NVD & OSV.
CVE-2012-5394 — MEDIUM severity vulnerability | Release Alert
CVE-2012-5394
6.8
MEDIUMCVSS v2
Published
December 13, 2013
Affected
2 projects
Assigned by
MITRE
Severity scale
010
Description
Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to hijack the authentication of users for requests that login via vectors involving image loading.
GitHub🌻 The collaborative editing software that runs Wikipedia. Mirror from https://gerrit.wikimedia.org/g/mediawiki/core. See https://mediawiki.org/wiki/Developer_access for contributing.