Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-40601)

Description

An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules.

Remediation

References

Related Vulnerabilities

SharePoint Improper Input Validation Vulnerability (CVE-2020-1025)

Oracle Database Server CVE-2009-1972 Vulnerability (CVE-2009-1972)

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28040)

OpenSSL Numeric Errors Vulnerability (CVE-2016-2181)

Jboss EAP CVE-2018-8088 Vulnerability (CVE-2018-8088)

Severity

Medium

Classification

CVE-2024-40601 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities