Description
Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to hijack the authentication of users for requests that login via vectors involving image loading.
Remediation
References
Related Vulnerabilities
Jenkins Other Vulnerability (CVE-2021-21697)
WordPress Plugin Cross-RSS Directory Traversal (1.7)
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Cross-Site Scripting (1.11.18)
Internet Information Services Other Vulnerability (CVE-2001-1243)
PleskLin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)