Description

Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors.

Remediation

References

CVE-2008-5252

Related Vulnerabilities

WordPress Plugin Favicon by RealFaviconGenerator Cross-Site Scripting (1.2.12)

WordPress Plugin WooPay-Inicis Cross-Site Scripting (1.1.3)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2018-7584)

ProjectSend Improper Input Validation Vulnerability (CVE-2017-9741)

PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0766)

Severity

Medium

Classification

CVE-2008-5252 CWE-352

Tags

Missing Update Known Vulnerabilities