31 Aoû 2015
CVE-2015-6728
Vulnerability Details : The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack. Publish Date : 2015-09-01 Last Update Date : 2015-09-02 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2015-6728
- Number Of Affected Versions By Product
- References For CVE-2015-6728
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2015-6728There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information) |