CVE-2012-5395

Name of the Vulnerable Software and Affected Versions MediaWiki CentralAuth extension versions prior to 1.18.6 MediaWiki CentralAuth extension versions 1.19.x prior to 1.19.3 MediaWiki CentralAuth extension versions 1.20.x prior to 1.20.1

Description The issue allows remote attackers to hijack web sessions. This is achieved via the centralauth Session cookie.

Recommendations For versions prior to 1.18.6, update to version 1.18.6 or later. For versions 1.19.x prior to 1.19.3, update to version 1.19.3 or later. For versions 1.20.x prior to 1.20.1, update to version 1.20.1 or later.