mediawiki: cross-site request forgery

Package(s):

mediawiki

CVE #(s):

CVE-2010-1150

Created:

May 4, 2010

Updated:

May 5, 2010

Description:

From the Debian advisory:

It was discovered that mediawiki, a website engine for collaborative work, is vulnerable to a Cross-Site Request Forgery login attack, which could be used to conduct phishing or similar attacks to users via affected mediawiki installations.

Alerts:

Debian

DSA-2041-1

mediawiki

2010-05-03