CVE-2013-4306

NONECVSS 0.0

0.0

Cross-site request forgery (CSRF) vulnerability in api/ApiQueryCheckUser.php in the CheckUser extension for MediaWiki, possibly Checkuser before 2.3, allows remote attackers to hijack the authentication of arbitrary users for requests that "perform sensitive write actions" via unspecified vectors.

🔗 References (14)

secalert@redhathttp://lists.wikimedia.org/pipermail/mediawiki-announce/2013-September/000133.html
secalert@redhathttp://osvdb.org/96908
secalert@redhathttp://seclists.org/oss-sec/2013/q3/553
secalert@redhathttp://www.securityfocus.com/bid/62210
secalert@redhathttps://bugzilla.wikimedia.org/show_bug.cgi?id=45019
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/86893
secalert@redhathttps://git.wikimedia.org/commit/mediawiki%2Fextensions%2FCheckUser.git/99ad25d066ce6111e798427cba7f21526827f651
af854a3a-2127-422b-91ae-364da2661108http://lists.wikimedia.org/pipermail/mediawiki-announce/2013-September/000133.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/96908
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2013/q3/553
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/62210
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.wikimedia.org/show_bug.cgi?id=45019
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/86893
af854a3a-2127-422b-91ae-364da2661108https://git.wikimedia.org/commit/mediawiki%2Fextensions%2FCheckUser.git/99ad25d066ce6111e798427cba7f21526827f651

Is Your Infrastructure Affected by CVE-2013-4306?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-4306

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-4306?