Schine/MW-OAuth2Client

Releases1

Frequency

Last Release almost 7 years ago

Stars22

MediaWiki OAuth2 Client Extension

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-15150 ↗	Aug 19, 2019Monday, 19 August 2019, 04:15	8.8 HIGH	6.8 MEDIUM
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.