Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) CreateProperty, (2) CreateTemplate, (3) CreateForm, and (4) CreateClass special pages in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allow remote attackers to hijack the authentication of users for requests that have unspecified impact and vectors.
Remediation
References
Related Vulnerabilities
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-5682)
WordPress Plugin Gallery-Flagallery Photo Portfolio 'facebook.php' Cross-Site Scripting (1.56)
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.34)
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress Cross-Site Scripting (3.7.38)
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2327)