Main Vulnerability Database Vulnerabilities #VU81438

#VU81438 Spoofing attack in MediaWiki

Published: October 3, 2023

Vulnerability identifier: #VU81438

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: N/A

CWE-ID: CWE-451

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
MediaWiki

Software vendor:
MediaWiki.org

Description

The vulnerability allows a remote user to perform spoofing attack.

The vulnerability exists due to incorrect processing of permissions, which leads to users with incorrect permissions to be incorrectly displayed.

Install updates from vendor's website.