CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21275

The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.9%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 4.3

References

Products affected by CVE-2021-21275

Oracle » Communications Cloud Native Core Network Slice Selection Function » Version: 1.2.1

cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1
Oracle » Communications Pricing Design Center » Version: 12.0.0.4.0

cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0
Oracle » Communications Pricing Design Center » Version: 12.0.0.5.0

cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0
Report Project » Report » Version: N/A

cpe:2.3:a:report_project:report:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21275

Products

Pricing

Contact Us