CVE-2018-25089

glb Meetup Tag Extension Link Attribute reverse tabnabbing

CVSS 3.5 LOWEPSS 0.5%CWE-1022

In short

The glb Meetup Tag Extension for MediaWiki allows links to open new windows that can access the original page through window.opener, potentially letting attackers redirect users or manipulate the source page. This is known as reverse tabnabbing and can be used for phishing or malicious redirects.

Technical detail

The Link Attribute Handler in glb Meetup Tag Extension 0.1 fails to properly secure external links opened in new tabs/windows, allowing the opened page to access and manipulate the opener window via window.opener. An attacker can craft a malicious link that, when clicked, opens a controlled page with the ability to redirect or modify the original MediaWiki page, facilitating phishing or session hijacking attacks. Upgrade to version 0.2 to remediate.

Summary generated and translated by AI from the official description.

A vulnerability was found in glb Meetup Tag Extension 0.1 on MediaWiki. It has been rated as problematic. This issue affects some unknown processing of the component Link Attribute Handler. The manipulation leads to use of web link to untrusted target with window.opener access. Upgrading to version 0.2 is able to address this issue. The identifier of the patch is 850c726d6bbfe0bf270801fbb92a30babea4155c. It is recommended to upgrade the affected component. The identifier VDB-238157 was assigned to this vulnerability.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Affected products

glb · Meetup Tag Extension

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/glb/mediawiki-tag-extension-meetup/commit/850c726d6bbfe0bf270801fbb92a30babea4155c https://github.com/glb/mediawiki-tag-extension-meetup/releases/tag/v0.2 https://vuldb.com/?ctiid.238157 https://vuldb.com/?id.238157