CVE-2013-4572

Posted on 2020년 2월 7일2020년 2월 7일 by admin

CVE-2013-4572

The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user.

Source: CVE-2013-4572

답글 남기기 응답 취소