Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2014-2665

includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account, as demonstrated by tracking the victim's activity, related to a "login CSRF" issue.

  • Published: Apr 20, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-2665
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
mediawiki / mediawiki 1.19 1.19.x
mediawiki / mediawiki 1.19-beta_1 1.19-beta_1.x
mediawiki / mediawiki 1.19.8 1.19.8.x
mediawiki / mediawiki 1.20.5 1.20.5.x
mediawiki / mediawiki 1.20.1 1.20.1.x
mediawiki / mediawiki 1.22.0 1.22.0.x
mediawiki / mediawiki 1.19.3 1.19.3.x
mediawiki / mediawiki 1.19.1 1.19.1.x
mediawiki / mediawiki 1.21.5 1.21.5.x
mediawiki / mediawiki 1.20.4 1.20.4.x
mediawiki / mediawiki 1.20.2 1.20.2.x
mediawiki / mediawiki 1.19.10 1.19.10.x
mediawiki / mediawiki 1.21.6 1.21.6.x
mediawiki / mediawiki 1.21.1 1.21.1.x
mediawiki / mediawiki 1.21.7 1.21.7.x
mediawiki / mediawiki 1.19.9 1.19.9.x
mediawiki / mediawiki 1.19.6 1.19.6.x
mediawiki / mediawiki 1.20.3 1.20.3.x
mediawiki / mediawiki 1.19-beta_2 1.19-beta_2.x
mediawiki / mediawiki 1.20.6 1.20.6.x
mediawiki / mediawiki 1.22.3 1.22.3.x
mediawiki / mediawiki 1.19.11 1.19.11.x
mediawiki / mediawiki 1.19.5 1.19.5.x
mediawiki / mediawiki 1.22.2 1.22.2.x
mediawiki / mediawiki 1.21.2 1.21.2.x
mediawiki / mediawiki 1.19.0 1.19.0.x
mediawiki / mediawiki 1.20.8 1.20.8.x
mediawiki / mediawiki 1.19.4 1.19.4.x
mediawiki / mediawiki 1.20 1.20.x
mediawiki / mediawiki - 1.19.13.x
mediawiki / mediawiki 1.21 1.21.x
mediawiki / mediawiki 1.21.4 1.21.4.x
mediawiki / mediawiki 1.19.12 1.19.12.x
mediawiki / mediawiki 1.21.3 1.21.3.x
mediawiki / mediawiki 1.20.7 1.20.7.x
mediawiki / mediawiki 1.22.1 1.22.1.x
mediawiki / mediawiki 1.22.4 1.22.4.x
mediawiki / mediawiki 1.19.7 1.19.7.x
mediawiki / mediawiki 1.19.2 1.19.2.x