Description

An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GET request.

Remediation

References

CVE-2024-40603

Related Vulnerabilities

WebLogic CVE-2021-2033 Vulnerability (CVE-2021-2033)

WordPress Plugin CMS Tree Page View Security Bypass (1.3.4)

WordPress Plugin Travel Management Privilege Escalation (1.5)

WordPress Plugin Simple Ads Manager SQL Injection (2.9.4.116)

Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)

Severity

Medium

Classification

CVE-2024-40603 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities