Bypassing Re-authentication Vulnerability in Wikimedia MediaWiki 1.27.0 through 1.32.1
CVE-2019-12468 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for bypassing re-authentication, allowing for potential account takeover.
Learn more about our Web Application Penetration Testing UK.