MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2022-29905 - Vulnerability Database

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2022-29905

Medium

Reference: CVE-2022-29905

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-29905

Title: MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

The FanBoxes extension for MediaWiki through 1.37.2 (before 027ffb0b9d6fe0d823810cf03f5b562a212162d4) allows Special:UserBoxes CSRF.