CVE-2021-21275
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens.
CSRF
CSRF
Vendor | Product | Version |
---|---|---|
report_project | report | 𝑥 < 2021-01-21 |
oracle | communications_cloud_native_core_network_slice_selection_function | 1.2.1 |
oracle | communications_pricing_design_center | 12.0.0.4.0 |
oracle | communications_pricing_design_center | 12.0.0.5.0 |
Common Weakness Enumeration