CVE-2021-21275

The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:report_project:report:*:*:*:*:*:mediawiki:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*

Information

Published : 2021-01-25 15:15

Updated : 2022-04-26 07:45


NVD link : CVE-2021-21275

Mitre link : CVE-2021-21275


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

oracle

  • communications_pricing_design_center
  • communications_cloud_native_core_network_slice_selection_function

report_project

  • report