CVE-2005-0535 — Mediawiki vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.9%

top 24.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mediawiki Debian Mediawiki

Timeline

PublishedFeb 22

Latest updateMay 1

Description

Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/mediawiki< mediawiki 1.4.9 (bookworm)

▶Debianmediawiki/mediawiki< 1.4.9+3

▶NVDmediawiki/mediawiki11 versions+10

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-wwqh-qmmx-4gw7: Cross-site request forgery (CSRF) vulnerability in MediaWiki 1↗2022-05-01

▶

OSV

CVE-2005-0535: Cross-site request forgery (CSRF) vulnerability in MediaWiki 1↗2005-02-22

▶

📋Vendor Advisories

Debian

CVE-2005-0535: mediawiki - Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11...↗2005

▶