Description
An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Open Graph for Facebook, Google+ and Twitter Card Tags Cross-Site Scripting (2.2.4)
WordPress Plugin Checklist Cross-Site Scripting (1.1.5)
MySQL CVE-2021-2357 Vulnerability (CVE-2021-2357)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-2138)
Wordpress Plugin Backup Migration CVE-2023-6271 Vulnerability (CVE-2023-6271)