Skip to main content
CVE-2014-1517 MEDIUM PATCH This Month

The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

CSRF Authentication Bypass Bugzilla Fedora
NVD VulDB
CVSS 2.0
4.0
EPSS
0.4%
CVE-2014-2665 MEDIUM PATCH This Month

includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

CSRF PHP Authentication Bypass Mediawiki
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy