CVE-2019-12466: Wikimedia MediaWiki allows CSRF

CVSS Score: 8.8 (CVSS v3.0)

Basic Information

EPSS Score: 0.38194%
Published: 5/24/2022
Updated: 5/15/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package         Ecosystem   Vulnerable Versions     First Patched Version
mediawiki/core  composer    >= 1.27.0, < 1.27.6     1.27.6
mediawiki/core  composer    >= 1.30.0, < 1.30.2     1.30.2
mediawiki/core  composer    >= 1.31.0, < 1.31.2     1.31.2
mediawiki/core  composer    >= 1.32.0, < 1.32.2     1.32.2

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stemmed from missing CSRF protection on MediaWiki's logout endpoints. Both Special:UserLogout and the API logout module (action=logout) ended the session on any request that arrived with the victim's cookies, without checking a token, so a cross-origin page could force a logged-in user out of their session. The fix tracked in Phabricator task T25227 added token validation to both entry points: the special page's execute method and the API module's execute method, which before the security patches processed logout requests with no token check at all.
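The missing check described in the root-cause analysis, shown as an added illustration in plain PHP (this is not MediaWiki's code; the function names, the request/session arrays and the demo values are hypothetical). The vulnerable handler ends the session on any request that carries the victim's cookies; the fixed handler requires a POST carrying a token bound to the session, which a cross-origin page cannot read.

```php
<?php
// Added example, not MediaWiki's code. handle_logout_vulnerable(),
// handle_logout_fixed(), csrf_token() and the $request/$session shapes are
// hypothetical stand-ins for a real framework's request and session objects.

declare(strict_types=1);

/** Issue (or reuse) a per-session CSRF token, kept server-side in the session. */
function csrf_token(array &$session): string
{
    if (empty($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

/**
 * Vulnerable pattern: any request that reaches the endpoint destroys the
 * session. A cross-origin <img src="https://wiki.example/logout"> or an
 * auto-submitting form is sent with the victim's cookies, so an attacker
 * page can log the victim out without their involvement.
 */
function handle_logout_vulnerable(array $request, array &$session): string
{
    $session = [];                        // session gone, no questions asked
    return '200 logged out';
}

/**
 * Fixed pattern: require a POST whose token matches the one bound to the
 * session. The browser will still attach cookies to a forged request, but
 * the attacker cannot read the token, so the comparison fails and the
 * session is left intact. hash_equals() avoids a timing side channel.
 */
function handle_logout_fixed(array $request, array &$session): string
{
    if (($request['method'] ?? 'GET') !== 'POST') {
        return '405 method not allowed';  // a GET would only render a confirm form
    }
    $supplied = (string) ($request['params']['token'] ?? '');
    $expected = (string) ($session['csrf_token'] ?? '');
    if ($expected === '' || !hash_equals($expected, $supplied)) {
        return '403 bad token';           // session untouched
    }
    $session = [];
    return '200 logged out';
}

// --- constructed demo data ---
$session = ['user' => 'alice'];
$token   = csrf_token($session);

// Forged cross-site request: cookies come along, the token does not.
$forged = ['method' => 'POST', 'params' => []];

$s = $session;
echo handle_logout_vulnerable($forged, $s), ' / session=', json_encode($s), PHP_EOL;

$s = $session;
echo handle_logout_fixed($forged, $s), ' / session=', json_encode($s), PHP_EOL;

// Legitimate request from the site's own logout form, token included.
$legit = ['method' => 'POST', 'params' => ['token' => $token]];
$s = $session;
echo handle_logout_fixed($legit, $s), ' / session=', json_encode($s), PHP_EOL;
```

The same check is what a practitioner should confirm on a patched wiki: a logout request that omits the token (or arrives as a plain cross-origin GET) must be rejected rather than end the session, while the wiki's own logout form, which embeds the token, still works.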

WAF Protection Rules

WAF Rule

Wikimedia MediaWiki through 1.32.1 allows CSRF in logout feature.

Reasoning

The vulnerability stemmed from missing CSRF protection on the logout endpoints. Phabricator task T25227 shows the fix added token validation to both Special:UserLogout and the API logout module. The special page's execute method and the API module's execute method were the vulnerable entry points, since both processed logout requests without a token check before the security patches.