CVE-2024-47846

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 5, 2024

Updated: Oct 16, 2024

CWE ID 352

Summary

CVE-2024-47846 refers to a Cross-Site Request Forgery (CSRF) vulnerability discovered in The Wikimedia Foundation's Mediawiki - Cargo. This issue enables an attacker to perform unintended actions on a victim's Mediawiki site by tricking them into making unauthorized requests. Mediawiki - Cargo, a popular extension used for managing content, is affected from version 3.6.X before 3.6.1, making it essential for users to apply the available patch to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mediawiki - Cargo

Affected Vendors

Mediawiki

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/zL4QVj
https://www.cve.org/CVERecord?id=CVE-2024-47846
https://nvd.nist.gov/vuln/detail/CVE-2024-47846

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners