Security Advisory

CVE-2020-29004

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-29 06:22:51
Last updated 2024-08-04 16:48:01
Assigner mitre
State PUBLISHED

Description

The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack.

← Browse all CVEs View on cve.org ↗