CVE-2015-6728
MediaWiki < 1.23.10, 1.24.x < 1.24.3, 1.25.x < 1.25.2 - Cross-Site Request Forgery via Timing Attack
The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protection via a timing attack.
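The defect is that an ordinary string comparison (`===`, `strcmp`, `memcmp`) returns as soon as it finds the first differing byte, so the time it takes grows with the length of the prefix the attacker already has right; each byte of the token can then be recovered independently instead of all at once. The PHP below is an added illustration of that point, not MediaWiki's code or its patch: it puts an early-exit comparison next to `hash_equals()` and times both against a guess that fails at byte 0 and a guess that fails at the last byte. The function names, the timing helper and the sample token are made up here.

```php
<?php
// Added illustration for CVE-2015-6728 (not MediaWiki code): why an
// early-exit comparison of a secret token leaks timing, and how a
// constant-time compare removes the leak. Function names are hypothetical.

declare(strict_types=1);

// Early-exit comparison, modelled after `$a === $b` / memcmp: it stops at
// the first differing byte, so the running time grows with the length of
// the matching prefix. This is the kind of check the advisory describes.
function checkTokenNaive(string $expected, string $supplied): bool
{
    if (strlen($expected) !== strlen($supplied)) {
        return false;
    }
    for ($i = 0, $n = strlen($expected); $i < $n; $i++) {
        if ($expected[$i] !== $supplied[$i]) {
            return false; // leaks how many leading bytes matched
        }
    }
    return true;
}

// Constant-time comparison: hash_equals() (PHP >= 5.6) always walks the
// whole string, so the time does not depend on where the mismatch is.
// It still returns false immediately on a length mismatch; that only
// reveals the token length, which is not secret.
function checkTokenConstantTime(string $expected, string $supplied): bool
{
    return hash_equals($expected, $supplied);
}

// Time $rounds calls of $check and return the median in nanoseconds.
// hrtime() needs PHP >= 7.3.
function timeCompare(callable $check, string $expected, string $supplied, int $rounds): float
{
    $samples = [];
    for ($r = 0; $r < $rounds; $r++) {
        $t0 = hrtime(true);
        $check($expected, $supplied);
        $samples[] = hrtime(true) - $t0;
    }
    sort($samples);
    return (float) $samples[intdiv($rounds, 2)];
}

// Constructed sample: a fake 32-character token, not a real watchlist token.
$token = str_repeat('a', 32);

// Guess 1 differs at byte 0; guess 2 shares a 31-byte prefix with the token.
$guessEarly = 'b' . str_repeat('a', 31);
$guessLate  = str_repeat('a', 31) . 'b';

foreach (['naive' => 'checkTokenNaive', 'constant-time' => 'checkTokenConstantTime'] as $label => $fn) {
    $early = timeCompare($fn, $token, $guessEarly, 20000);
    $late  = timeCompare($fn, $token, $guessLate, 20000);
    printf("%-14s mismatch@0: %6.0f ns   mismatch@31: %6.0f ns   ratio %.2f\n",
        $label, $early, $late, $late / max($early, 1.0));
}
```

Run it with `php timing.php`; the naive row shows the late-mismatch case taking measurably longer than the early-mismatch case, while the `hash_equals()` row stays flat. On a single host the per-byte difference is only tens of nanoseconds, so exploiting it over a network means averaging many requests per candidate byte, but it is a bounded amount of work per byte rather than a 2^128-sized search over the whole token. The practical check for any codebase is to grep secret comparisons (tokens, HMACs, API keys) for `===`, `==`, `strcmp` and friends and route them through `hash_equals()` or an equivalent constant-time routine.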
References (6)
Third Party Advisory (vendor-advisory, x_refsource_gentoo): https://security.gentoo.org/glsa/201510-05
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2015/08/27/6
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2015/08/12/6
Vendor Advisory (mailing-list, x_refsource_mlist): https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html
Mailing List, Third Party Advisory (vendor-advisory, x_refsource_fedora): http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/76334
Scores
EPSS: 0.0016 (percentile 36.2%)
Details
CWE: CWE-352
Status: published
Products (6)
mediawiki/mediawiki 1.24.0
mediawiki/mediawiki 1.24.1
mediawiki/mediawiki 1.24.2
mediawiki/mediawiki 1.25.0
mediawiki/mediawiki 1.25.1
mediawiki/mediawiki < 1.23.10 (the 1.23.x branch was fixed in 1.23.10, as the description states, so 1.23.9 and earlier are affected)
Published: Sep 01, 2015
Tracked Since: Feb 18, 2026