Description

Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id.

Remediation

References

CVE-2012-5391

Related Vulnerabilities

OpenSSL Possible denial of service attack Vulnerability (CVE-2020-1971)

e107 Other Vulnerability (CVE-2010-0996)

Perl Improper Input Validation Vulnerability (CVE-2015-8853)

WordPress Plugin True Ranker Directory Traversal (2.2.2)

PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)

Severity

Medium

Classification

CVE-2012-5391

Tags

Missing Update Known Vulnerabilities