Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: debian
Published: 2018-04-13T16:00:00Z
Updated: 2024-09-16T20:22:32.537Z
Reserved: 2016-11-29T00:00:00
Link: CVE-2017-0362
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-04-13T16:29:00.347
Modified: 2018-05-15T13:21:28.380
Link: CVE-2017-0362
Redhat