Vulnerabilities > CVE-2023-45374 - Unspecified vulnerability in Mediawiki

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
mediawiki
NVD
Published: 2023-10-09
Updated: 2024-09-19

Summary

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams.

Vulnerable Configurations

Part Description Count
Application
Mediawiki
418

References