Lucene search
GoogleOSV:BIT-MEDIAWIKI-2020-35474HistoryMar 06, 2024 - 11:13 a.m.
BIT-mediawiki-2020-35474
2024-03-0611:13:33
Google
osv.dev
3
mediawiki
xss
vulnerability
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML.
Related
ubuntucve
ubuntucve
CVE-2020-35474
2020-12-18 00:00:00
redhatcve
redhatcve
CVE-2020-35474
2020-12-18 17:09:52
debiancve
debiancve
CVE-2020-35474
2020-12-18 08:15:00
osv
osv
CVE-2020-35474
2020-12-18 08:15:15
prion
prion
Design/Logic Flaw
2020-12-18 08:15:00
cvelist
cvelist
CVE-2020-35474
2020-12-18 07:30:48
veracode
veracode
Cross-site Scripting (XSS)
2020-12-19 01:34:47
cve
cve
CVE-2020-35474
2020-12-18 08:15:00
altlinux
altlinux
Security fix for the ALT Linux 9 package mediawiki version 1.35.1-alt1
2020-12-30 00:00:00
openvas
openvas
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Windows
2020-12-22 00:00:00
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Linux
2020-12-22 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2020-0be2d40e13)
2020-12-28 00:00:00
nessus
nessus
Fedora 33 : mediawiki (2020-0be2d40e13)
2020-12-28 00:00:00
archlinux
archlinux
[ASA-202101-22] mediawiki: multiple issues
2021-01-12 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mediawiki-1.35.1-1.fc33
2020-12-27 01:41:09
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.3%
Related for OSV:BIT-MEDIAWIKI-2020-35474