Description
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form.
Remediation
References
Related Vulnerabilities
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40601)
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-34944)
WordPress Plugin YITH WooCommerce Zoom Magnifier Cross-Site Scripting (1.2.6)
Microsoft SQL Server CVE-2023-36420 Vulnerability (CVE-2023-36420)