Description

Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload files.

Remediation

References

CVE-2012-1580

Related Vulnerabilities

ownCloud Improper Input Validation Vulnerability (CVE-2014-2585)

WordPress Plugin Age Gate Open Redirect (2.13.4)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3472)

WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15)

TYPO3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2010-5102)

Severity

Medium

Classification

CVE-2012-1580 CWE-352

Tags

Missing Update Known Vulnerabilities