Description

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. MassEditRegex allows CSRF.

Remediation

References

CVE-2021-46147

Related Vulnerabilities

WordPress Plugin WordPress fancyBox Lightbox Cross-Site Scripting (1.0.1)

TYPO3 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2717)

WordPress Plugin Event Registration 'event_id' Parameter SQL Injection (5.44)

Oracle Application Server CVE-2006-3711 Vulnerability (CVE-2006-3711)

WordPress Plugin Google Doc Embedder SQL Injection (2.5.14)

Severity

High

Classification

CVE-2021-46147 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities