Description
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID and wikiUserName cookies, or by leveraging an unattended workstation.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
WordPress Plugin Rate my Post-WP Rating System Multiple Vulnerabilities (3.3.4)
WordPress Plugin Xorbin Analog Flash Clock Cross-Site Scripting (1.0)
MySQL CVE-2022-21486 Vulnerability (CVE-2022-21486)
WordPress Plugin WooCommerce Smart Coupons Security Bypass (4.6.0)