Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SecurePoll: Multiple admin actions vulnerable to Cross-Site Request Forgery
Vulnerability Description
ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate request methods or CSRF tokens, allowing attackers to trigger sensitive actions if an admin visits a malicious site. This issue affects Mediawiki - SecurePoll extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2.
CVSS Information
N/A
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Wikimedia Mediawiki - SecurePoll extension 跨站请求伪造漏洞
Vulnerability Description
Wikimedia Mediawiki - SecurePoll extension是Wikimedia基金会的一个用于选举、投票和调查的特殊页面扩展。 Wikimedia Mediawiki - SecurePoll extension 1.39.13之前版本、1.42.7之前版本和1.43.2之前版本存在跨站请求伪造漏洞,该漏洞源于未验证请求方法或CSRF令牌,可能导致触发敏感操作。
CVSS Information
N/A
Vulnerability Type
N/A