CVE-2015-8623Cross-Site Request Forgery in Mediawiki

CWE-352Cross-Site Request Forgery9 documents5 sources
Severity
8.8HIGHNVD
EPSS
0.1%
top 67.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
MediawikiDebian Mediawiki
Timeline
PublishedMar 23
Latest updateMay 17

Description

The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

debiandebian/mediawiki< mediawiki 1:1.25.5-1 (bookworm)
Debianmediawiki/mediawiki< 1:1.25.5-1+3
NVDmediawiki/mediawiki1.23.11+10

Patches

Patch: www.openwall.comPatch: www.openwall.comPatch: lists.wikimedia.org

🔴Vulnerability Details

4
GHSA
GHSA-3h2m-jjrw-87hw: The User::matchEditToken function in includes/User2022-05-17
GHSA
GHSA-8h72-c6mj-ffxx: The User::matchEditToken function in includes/User2022-05-17
OSV
CVE-2015-8624: The User::matchEditToken function in includes/User2017-03-23
OSV
CVE-2015-8623: The User::matchEditToken function in includes/User2017-03-23

📋Vendor Advisories

2
Debian
CVE-2015-8624: mediawiki - The User::matchEditToken function in includes/User.php in MediaWiki before 1.23....2015
Debian
CVE-2015-8623: mediawiki - The User::matchEditToken function in includes/User.php in MediaWiki before 1.23....2015

💬Community

1
Bugzilla
CVE-2015-8622 CVE-2015-8623 CVE-2015-8624 CVE-2015-8625 CVE-2015-8626 CVE-2015-8627 CVE-2015-8628 mediawiki: multiple flaws fixed in 1.26.1, 1.25.4, 1.24.5, and 1.23.122015-12-23
CVE-2015-8623 — Cross-Site Request Forgery in Mediawiki | cvebase