MediaWiki 'Special:ChangePassword' CVE-2014-2665 Cross Site Request Forgery Vulnerability

MediaWiki is prone to a cross-site request-forgery vulnerability.

An attacker can exploit the cross-site request forgery issue to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.

MediaWiki 1.22.3 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus