MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2010-1150

MediaWiki before 1.15.3 and 1.6.x before 1.16.0beta2 does not properly handle a correctly authenticated but unintended login attempt which makes it easier for remote authenticated users to conduct phishing attacks by arranging for a victim to login to the attacker39s account and then execute a crafted user script related to a quotlogin CSRFquot issue.