CVE-2021-21275

Sep 3, 2024

Published Date: 2021-01-25T23:15Z
Last Modified: 2022-04-26T14:45Z

CVSS Score: 4.3 (MEDIUM)

EPSS Score: 0.07%

Risk Score: 3.01 (MEDIUM)

Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.

Meter Needle
CVSS: 4.3  |  EPSS: 0.07%

Description: The MediaWiki “Report” extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens.

Mitre ATT&CK Technical v15.1

None

Technical Analysis & Mitigation Measures

Reference Links

Vendor - Produce - Version

report - report_project, communications_cloud_native_core_network_slice_selection_function - oracle, communications_pricing_design_center - oracle, communications_pricing_design_center - oracle

Disclaimer

The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.