Description

The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF.

Remediation

References

CVE-2022-29905

Related Vulnerabilities

WordPress Ultimate Member Plugin Other Vulnerability (CVE-2022-3383)

WordPress Plugin Slideshow Multiple Cross-Site Scripting Vulnerabilities (2.1.14)

WordPress Plugin WP ULike Cross-Site Scripting (3.1)

Dolibarr Incorrect Authorization Vulnerability (CVE-2021-37517)

WordPress Plugin simpleSAMLphp Authentication Cross-Site Scripting (0.7.0)

Severity

Medium

Classification

CVE-2022-29905 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities