{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T00:09:21.927","vulnerabilities":[{"cve":{"id":"CVE-2021-21275","sourceIdentifier":"security-advisories@github.com","published":"2021-01-25T23:15:11.887","lastModified":"2024-11-21T05:47:54.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The MediaWiki \"Report\" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens."},{"lang":"es","value":"La extensión \"Report\" de MediaWiki presenta una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF). Antes de la versión corregida, no había protección contra las comprobaciones de CSRF en Special:Report, por lo que las peticiones para reportar una revisión podrían ser falsificadas. El problema ha sido corregido en el commit f828dc6 al hacer uso de los tokens de edición de MediaWiki"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:report_project:report:*:*:*:*:*:mediawiki:*:*","versionEndExcluding":"2021-01-21","matchCriteriaId":"E3403B6D-74B4-4DCB-ACE0-11BE197602A4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"ADE6EF8F-1F05-429B-A916-76FDB20CEB81"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:*:*:*:*:*:*:*","matchCriteriaId":"A28F42F0-FBDA-4574-AD30-7A04F27FEA3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:*:*:*:*:*:*:*","matchCriteriaId":"129CA55C-C770-4D42-BD17-9011F3AC93C4"}]}]}],"references":[{"url":"https://github.com/Kenny2github/Report/commit/f828dc6f73cdfaea5639edbf8ac7b326eeefb117","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Kenny2github/Report/security/advisories/GHSA-9f3w-c334-jm2h","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/Kenny2github/Report/commit/f828dc6f73cdfaea5639edbf8ac7b326eeefb117","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Kenny2github/Report/security/advisories/GHSA-9f3w-c334-jm2h","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}