Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2013-4306

Disclosure Date: October 11, 2013
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Cross-site request forgery (CSRF) vulnerability in api/ApiQueryCheckUser.php in the CheckUser extension for MediaWiki, possibly Checkuser before 2.3, allows remote attackers to hijack the authentication of arbitrary users for requests that “perform sensitive write actions” via unspecified vectors.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

Technical Analysis