Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40601)

Description

An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules.

Remediation

References

Related Vulnerabilities

WordPress Plugin SpiderCatalog SQL Injection (1.7.3)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-4040)

WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4)

WordPress Plugin Product Catalog Arbitrary File Upload (3.8.6)

Liferay DXP Missing Authorization Vulnerability (CVE-2025-62247)

Severity

Medium

Classification

CVE-2024-40601 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities