Description

An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request.

Remediation

References

CVE-2024-40603

Related Vulnerabilities

MySQL CVE-2018-2665 Vulnerability (CVE-2018-2665)

MySQL CVE-2020-2925 Vulnerability (CVE-2020-2925)

WordPress 7PK - Security Features Vulnerability (CVE-2014-9039)

Magento Insufficient Session Expiration Vulnerability (CVE-2019-8149)

WordPress Plugin Polls CP Multiple Vulnerabilities (1.0.8)

Severity

Medium

Classification

CVE-2024-40603 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities