Filtered by vendor Schine.games Subscriptions
Filtered by product Mw-oauth2client Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15150 1 Schine.games 1 Mw-oauth2client 2024-11-21 8.8 High
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.