Description

Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload files.

Remediation

References

CVE-2012-1580

Related Vulnerabilities

Atlassian Jira CVE-2019-20402 Vulnerability (CVE-2019-20402)

WordPress Plugin iQ Block Country Unspecified Vulnerability (1.1.33)

WordPress Plugin Contact Form 7 Multi-Step Forms Security Bypass (3.0.8)

WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.2.6)

WordPress Plugin spideranalyse Cross-Site Scripting (0.0.1)

Severity

Medium

Classification

CVE-2012-1580 CWE-352

Tags

Missing Update Known Vulnerabilities