MediaWiki Login Cross-Site Request Forgery

Severity: Low. Nessus Plugin ID 45438

Synopsis

A web application running on the remote host is affected by a cross-site request forgery vulnerability.

Description

The version of MediaWiki running on the remote host is affected by a cross-site request forgery vulnerability involving its login page. A user with a valid wiki account can cause others to unwittingly log into that account.

A remote attacker can exploit this by tricking a user into making a maliciously crafted request, causing the victim's browser to log into the attacker's account. If the wiki is configured to allow user scripts, the attacker could use this to obtain the victim's password.

Solution

Upgrade to MediaWiki 1.15.3 / 1.6.0beta2 or later.

See Also

http://www.nessus.org/u?e2e32ad4

Plugin Details

Severity: Low

ID: 45438

File Name: mediawiki_login_csrf.nasl

Version: 1.12

Type: remote

Family: CGI abuses

Published: 4/7/2010

Updated: 6/5/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Vulnerability Information

CPE: cpe:/a:mediawiki:mediawiki

Required KB Items: www/PHP, installed_sw/MediaWiki

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 4/6/2010

Vulnerability Publication Date: 4/6/2010

Reference Information

BID: 39270

SECUNIA: 39333