Description

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauth_Session cookie.

Remediation

References

CVE-2012-5395

Related Vulnerabilities

WordPress Plugin TI WooCommerce Wishlist Security Bypass (1.21.11)

WordPress Plugin WooCommerce Cross-Site Scripting (8.9.2)

PostgreSQL Improper Input Validation Vulnerability (CVE-2013-0255)

MODX Improper Certificate Validation Vulnerability (CVE-2017-7322)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.225)

Severity

Medium

Classification

CVE-2012-5395

Tags

Missing Update Known Vulnerabilities