VYPR

OAuth2 Client

by MediaWiki

CVEs (1)

  • CVE-2019-15150HigAug 19, 2019
    risk 0.00cvss 8.8epss 0.01

    In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function.