MediaWiki Password Reset Cross-site Request Forgery Vulnerability

Medium

Synopsis

The remote web server is running a PHP application that is affected by a cross-site request forgery.

Description

In versions older than 1.22.5, 1.21.8, and 1.19.14, WikiMedia contains a flaw in Special:ChangePassword, due to its implementation of the password reset action. An attacker could leverage the lack of explicit confirmation, unique tokens, or multi-step process, to induce a victim to reset their password via a specially crafted link.

Solution

Upgrade to MediaWiki version 1.22.5, 1.21.8, or 1.19.14, or later.