Description
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID and wikiUserName cookies, or by leveraging an unattended workstation.
Remediation
References