Lucene search
K

7 matches found

Debian CVE
Debian CVE
added 2026/07/01 2:51 p.m.4 views

CVE-2026-58037

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php,...

5.8AI score0.0039EPSS
Exploits0
OSV
OSV
added 2026/07/01 12:0 a.m.3 views

UBUNTU-CVE-2026-58037

LogFormatter: raw parameter format is no longer raw HTML...

5.8AI score0.0039EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/12/18 5:40 p.m.22 views

CVE-2020-35478

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink. This affects MediaWiki 1.33.0 and later...

6.1CVSS1.4AI score0.01353EPSS
Exploits1References4
NVD
NVD
added 2020/12/18 8:15 a.m.16 views

CVE-2020-35478

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink. This affects MediaWiki 1.33.0 and later...

6.1CVSS5.9AI score0.01353EPSS
Exploits1References3
OSV
OSV
added 2020/12/18 8:15 a.m.24 views

CVE-2020-35478

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink. This affects MediaWiki 1.33.0 and later...

6.1CVSS5.6AI score
Exploits0References3
Prion
Prion
added 2020/12/18 8:15 a.m.20 views

Design/Logic Flaw

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink. This affects MediaWiki 1.33.0 and later...

4.3CVSS6AI score0.01353EPSS
Exploits1References3Affected Software2
CVE
CVE
added 2020/12/18 7:33 a.m.66 views

CVE-2020-35478

MediaWiki prior to version 1.35.1 is vulnerable to cross-site scripting via BlockLogFormatter.php, with MediaWiki:blanknamespace potentially outputting raw HTML using SCRIPT tags through LogFormatter::makePageLink(). Affected pages include MediaWiki 1.33.0 and later. The issue is documented acros...

6.1CVSS5.9AI score0.01353EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder