CVE-2012-1580
EUVD-2012-159709.09.2012, 21:55
Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload files.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mediawiki | mediawiki | 1.17 |
| mediawiki | mediawiki | 1.17:beta_1 |
| mediawiki | mediawiki | 1.17.0 |
| mediawiki | mediawiki | 1.17.0:rc1 |
| mediawiki | mediawiki | 1.17.1 |
| mediawiki | mediawiki | 1.17.2 |
| mediawiki | mediawiki | 1.18 |
| mediawiki | mediawiki | 1.18:beta_1 |
| mediawiki | mediawiki | 1.18.0 |
| mediawiki | mediawiki | 1.18.0:rc1 |
| mediawiki | mediawiki | 1.18.1 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References