Back to search
CVE-2011-1580
Published: Apr 27, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2011-5495
vendor-advisory
x_refsource_FEDORA
ADV-2011-0978
vdb-entry
x_refsource_VUPEN
FEDORA-2011-5807
vendor-advisory
x_refsource_FEDORA
47354
vdb-entry
x_refsource_BID
44142
third-party-advisory
x_refsource_SECUNIA
FEDORA-2011-5848
vendor-advisory
x_refsource_FEDORA
ADV-2011-1151
vdb-entry
x_refsource_VUPEN
DSA-2366
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=696360
x_refsource_CONFIRM
[mediawiki-announce] 20110412 MediaWiki security release 1.16.3
mailing-list
x_refsource_MLIST
mediawiki-transwiki-sec-bypass(66739)
vdb-entry
x_refsource_XF
https://bugzilla.wikimedia.org/show_bug.cgi?id=28449
x_refsource_CONFIRM
ADV-2011-1100
vdb-entry
x_refsource_VUPEN
FEDORA-2011-5812
vendor-advisory
x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=695577
x_refsource_CONFIRM
[oss-security] 20110413 Re: CVE request: mediawiki 1.16.3
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now