RSS   Vulnerabilities for 'Mw-oauth2client'   RSS

2019-08-19
 
CVE-2019-15150

CWE-352
 

 
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.

 


Copyright 2024, cxsecurity.com

 

Back to Top