Vulnerability Details CVE-2005-0535
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 73.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/14360
- http://securitytracker.com/id?1013260
- http://sourceforge.net/project/shownotes.php?release_id=307067
- http://www.gentoo.org/security/en/glsa/glsa-200502-33.xml
- http://secunia.com/advisories/14360
- http://securitytracker.com/id?1013260
- http://sourceforge.net/project/shownotes.php?release_id=307067
- http://www.gentoo.org/security/en/glsa/glsa-200502-33.xml
Products affected by CVE-2005-0535
-
cpe:2.3:a:mediawiki:mediawiki:1.3
-
cpe:2.3:a:mediawiki:mediawiki:1.3.1
-
cpe:2.3:a:mediawiki:mediawiki:1.3.10
-
cpe:2.3:a:mediawiki:mediawiki:1.3.2
-
cpe:2.3:a:mediawiki:mediawiki:1.3.3
-
cpe:2.3:a:mediawiki:mediawiki:1.3.4
-
cpe:2.3:a:mediawiki:mediawiki:1.3.5
-
cpe:2.3:a:mediawiki:mediawiki:1.3.6
-
cpe:2.3:a:mediawiki:mediawiki:1.3.7
-
cpe:2.3:a:mediawiki:mediawiki:1.3.8
-
cpe:2.3:a:mediawiki:mediawiki:1.3.9
-
cpe:2.3:o:gentoo:linux:-
-
cpe:2.3:o:gentoo:linux:1.2
-
cpe:2.3:o:gentoo:linux:1.4
-
cpe:2.3:o:gentoo:linux:2.1.30
-
cpe:2.3:o:gentoo:linux:2.2.28
-
cpe:2.3:o:gentoo:linux:2.3.30