Description
Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id.
Remediation
References
Related Vulnerabilities
MySQL Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)
GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3250)
MySQL CVE-2012-3149 Vulnerability (CVE-2012-3149)
WordPress Plugin Scroll To Top Cross-Site Scripting (1.4.0)
Oracle Application Server CVE-2006-0286 Vulnerability (CVE-2006-0286)