Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-15150

Disclosure Date: August 19, 2019 (last updated November 27, 2024)
In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0