Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MediaWiki Improper Access Control Vulnerability - CVE-2012-4379 - Vulnerability Database
MediaWiki

MediaWiki Improper Access Control Vulnerability - CVE-2012-4379

Medium
Reference: CVE-2012-4379
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2012-4379
Title: MediaWiki Improper Access Control Vulnerability
Overview:

MediaWiki before 1.18.5 and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element.