MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2017-0362 - Vulnerability Database

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2017-0362

High

Reference: CVE-2017-0362

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-0362

Title: MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the quotMark all pages visitedquot on the watchlist does not require a CSRF token.