CVE-2019-12468

Publication date

2019-07-10 14:58:15

Family

mitre

State

PUBLISHED

Description

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover.