Innovate faster and cut risk with PHP experts from Zend Services.
Beginning to advanced PHP classes to learn and earn global certification.
Help me choose >
Submit support requests and browse self-service resources.
CVE-2020-29004 mediawiki: Missing edit token in ApiPushBase.php facilitates CSRF attacks
The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack.
Direct link to CVE-2020-29004 >
< View all CVEs