MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is always unsafe for HTML in a month value. This affects MediaWiki 1.12.0 and later.
(CVE-2020-35479, CWE-79. NVD rates it CVSS 3.1 6.1 MEDIUM, AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N: no privileges needed but a victim must view the affected block-log output. Note that the 7.5 HIGH scores attached to the bundled DSA-4816-1 / Mageia / Fedora records below are taken from the co-listed CVE-2020-35480, as the Nessus plugins' cvss_score_source shows, not from this XSS. Fixed upstream in 1.35.1 and, on the 1.31 branch, 1.31.11 per the Mageia advisory; distribution backports are Debian buster 1:1.31.12-1~deb10u1 and Debian 9 LTS 1:1.27.7-1~deb9u7.)
{"cve": [{"lastseen": "2022-10-05T18:52:48", "description": "MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value. This affects MediaWiki 1.12.0 and later.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-18T08:15:00", "type": "cve", "title": "CVE-2020-35479", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35479"], "modified": "2022-10-05T16:09:00", "cpe": ["cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:33", "cpe:/o:debian:debian_linux:10.0"], "id": "CVE-2020-35479", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-35479", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*"]}], "redhatcve": [{"lastseen": "2022-07-07T19:09:02", "description": "MediaWiki before 1.35.1 allows XSS via 
BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value. This affects MediaWiki 1.12.0 and later.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-18T17:40:29", "type": "redhatcve", "title": "CVE-2020-35479", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35479"], "modified": "2022-07-07T18:09:09", "id": "RH:CVE-2020-35479", "href": "https://access.redhat.com/security/cve/cve-2020-35479", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "veracode": [{"lastseen": "2022-07-26T16:47:48", "description": "mediawiki is vulnerable to cross-site scripting (XSS). 
The vulnerability exists as `Language::translateBlockExpiry` itself does not escape in all code paths.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-19T01:34:51", "type": "veracode", "title": "Cross-site Scripting (XSS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35479"], "modified": "2020-12-27T06:42:17", "id": "VERACODE:28645", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-28645/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2022-12-29T10:06:42", "description": "MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value. 
This affects MediaWiki 1.12.0 and later.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-18T08:15:00", "type": "debiancve", "title": "CVE-2020-35479", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35479"], "modified": "2020-12-18T08:15:00", "id": "DEBIANCVE:CVE-2020-35479", "href": "https://security-tracker.debian.org/tracker/CVE-2020-35479", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2022-02-16T11:28:24", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4816-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nDecember 18, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mediawiki\nCVE ID : CVE-2020-35475 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480\nDebian Bug : 971985 971986\n\nMultiple security issues were discovered in MediaWiki, a website engine\nfor collaborative work, which could result in cross-site scripting or\nthe disclosure of hidden users.\t\n\t\nFor 
the stable distribution (buster), these problems have been fixed in\nversion 1:1.31.12-1~deb10u1.\n\nWe recommend that you upgrade your mediawiki packages.\n\nFor the detailed security status of mediawiki please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/mediawiki\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-12-18T09:46:46", "type": "debian", "title": "[SECURITY] [DSA 4816-1] mediawiki security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35475", "CVE-2020-35477", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2020-12-18T09:46:46", "id": "DEBIAN:DSA-4816-1:CCE4B", "href": "https://lists.debian.org/debian-security-announce/2020/msg00223.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-12-11T03:47:02", "description": 
"-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2504-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Roberto C. S\u00e1nchez\nDecember 22, 2020 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : mediawiki\nVersion : 1:1.27.7-1~deb9u7\nCVE ID : CVE-2020-15005 CVE-2020-35477 CVE-2020-35479 CVE-2020-35480\n\nMultiple security issues were discovered in MediaWiki, a website engine\nfor collaborative work.\n\nCVE-2020-15005\n\n Private wikis behind a caching server using the img_auth.php image\n authorization security feature may have had their files cached\n publicly, so any unauthorized user could view them.\n\nCVE-2020-35477\n\n Blocks legitimate attempts to hide log entries in some situations.\n\nCVE-2020-35479\n\n Allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry\n itself does not escape in all code paths. For example, the return of\n Language::userTimeAndDate is is always unsafe for HTML in a month\n value.\n\nCVE-2020-35480\n\n Missing users (accounts that don't exist) and hidden users (accounts\n that have been explicitly hidden due to being abusive, or similar)\n that the viewer cannot see are handled differently, exposing\n sensitive information about the hidden status to unprivileged\n viewers.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:1.27.7-1~deb9u7.\n\nWe recommend that you upgrade your mediawiki packages.\n\nFor the detailed security status of mediawiki please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/mediawiki\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", 
"confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-12-23T01:38:47", "type": "debian", "title": "[SECURITY] [DLA 2504-1] mediawiki security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15005", "CVE-2020-35477", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2020-12-23T01:38:47", "id": "DEBIAN:DLA-2504-1:70C2D", "href": "https://lists.debian.org/debian-lts-announce/2020/12/msg00034.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "In MediaWiki before 1.31.11, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. The right column with the changeable groups is not affected and is escaped correctly (CVE-2020-35475). MediaWiki before 1.31.11 blocks legitimate attempts to hide log entries in some situations. 
If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the \"Change visibility of selected log entries\" checkbox (or a tags checkbox) next to it, there is a redirection to the main page's action=historysubmit instead of the desired behavior in which a revision-deletion form appears (CVE-2020-35477). MediaWiki before 1.31.11 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value (CVE-2020-35479). An issue was discovered in MediaWiki before 1.31.11. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the viewer cannot see are handled differently, exposing sensitive information about the hidden status to unprivileged viewers. This exists on various code paths (CVE-2020-35480). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-02-19T10:27:54", "type": "mageia", "title": "Updated mediawiki packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, 
"acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35475", "CVE-2020-35477", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2021-02-19T10:27:54", "id": "MGASA-2021-0086", "href": "https://advisories.mageia.org/MGASA-2021-0086.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "osv": [{"lastseen": "2022-08-05T05:19:00", "description": "\nMultiple security issues were discovered in MediaWiki, a website engine\nfor collaborative work.\n\n\n* [CVE-2020-15005](https://security-tracker.debian.org/tracker/CVE-2020-15005)\nPrivate wikis behind a caching server using the img\\_auth.php image\n authorization security feature may have had their files cached\n publicly, so any unauthorized user could view them.\n* [CVE-2020-35477](https://security-tracker.debian.org/tracker/CVE-2020-35477)\nBlocks legitimate attempts to hide log entries in some situations.\n* [CVE-2020-35479](https://security-tracker.debian.org/tracker/CVE-2020-35479)\nAllows XSS via BlockLogFormatter.php. Language::translateBlockExpiry\n itself does not escape in all code paths. 
For example, the return of\n Language::userTimeAndDate is is always unsafe for HTML in a month\n value.\n* [CVE-2020-35480](https://security-tracker.debian.org/tracker/CVE-2020-35480)\nMissing users (accounts that don't exist) and hidden users (accounts\n that have been explicitly hidden due to being abusive, or similar)\n that the viewer cannot see are handled differently, exposing\n sensitive information about the hidden status to unprivileged\n viewers.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:1.27.7-1~deb9u7.\n\n\nWe recommend that you upgrade your mediawiki packages.\n\n\nFor the detailed security status of mediawiki please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/mediawiki>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2020-12-22T00:00:00", "type": "osv", "title": "mediawiki - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": 
false}, "cvelist": ["CVE-2020-35479", "CVE-2020-35477", "CVE-2020-35480", "CVE-2020-15005"], "modified": "2022-08-05T05:18:59", "id": "OSV:DLA-2504-1", "href": "https://osv.dev/vulnerability/DLA-2504-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-10T07:15:45", "description": "\nMultiple security issues were discovered in MediaWiki, a website engine\nfor collaborative work, which could result in cross-site scripting or\nthe disclosure of hidden users.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:1.31.12-1~deb10u1.\n\n\nWe recommend that you upgrade your mediawiki packages.\n\n\nFor the detailed security status of mediawiki please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/mediawiki](https://security-tracker.debian.org/tracker/mediawiki)\n\n\n", "edition": 1, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-18T00:00:00", "type": "osv", "title": "mediawiki - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35479", "CVE-2020-35477", 
"CVE-2020-35480", "CVE-2020-35475"], "modified": "2022-08-10T07:15:42", "id": "OSV:DSA-4816-1", "href": "https://osv.dev/vulnerability/DSA-4816-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2022-12-01T15:22:13", "description": "Multiple security issues were discovered in MediaWiki, a website engine for collaborative work.\n\nCVE-2020-15005\n\nPrivate wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them.\n\nCVE-2020-35477\n\nBlocks legitimate attempts to hide log entries in some situations.\n\nCVE-2020-35479\n\nAllows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value.\n\nCVE-2020-35480\n\nMissing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the viewer cannot see are handled differently, exposing sensitive information about the hidden status to unprivileged viewers.\n\nFor Debian 9 stretch, these problems have been fixed in version 1:1.27.7-1~deb9u7.\n\nWe recommend that you upgrade your mediawiki packages.\n\nFor the detailed security status of mediawiki please refer to its security tracker page at:\nhttps://security-tracker.debian.org/tracker/mediawiki\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-12-23T00:00:00", "type": "nessus", "title": "Debian DLA-2504-1 : mediawiki security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15005", "CVE-2020-35477", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mediawiki", "p-cpe:/a:debian:debian_linux:mediawiki-classes", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2504.NASL", "href": "https://www.tenable.com/plugins/nessus/144574", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2504-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144574);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-15005\", \"CVE-2020-35477\", \"CVE-2020-35479\", \"CVE-2020-35480\");\n\n script_name(english:\"Debian DLA-2504-1 : mediawiki security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in MediaWiki, a website\nengine for collaborative work.\n\nCVE-2020-15005\n\nPrivate wikis behind a caching server using the img_auth.php image\nauthorization security feature may have had their files cached\npublicly, so any unauthorized user could view them.\n\nCVE-2020-35477\n\nBlocks legitimate attempts to hide log entries in some situations.\n\nCVE-2020-35479\n\nAllows XSS 
via BlockLogFormatter.php. Language::translateBlockExpiry\nitself does not escape in all code paths. For example, the return of\nLanguage::userTimeAndDate is is always unsafe for HTML in a month\nvalue.\n\nCVE-2020-35480\n\nMissing users (accounts that don't exist) and hidden users (accounts\nthat have been explicitly hidden due to being abusive, or similar)\nthat the viewer cannot see are handled differently, exposing sensitive\ninformation about the hidden status to unprivileged viewers.\n\nFor Debian 9 stretch, these problems have been fixed in version\n1:1.27.7-1~deb9u7.\n\nWe recommend that you upgrade your mediawiki packages.\n\nFor the detailed security status of mediawiki please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/mediawiki\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/12/msg00034.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/mediawiki\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/mediawiki\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Upgrade the affected mediawiki, and mediawiki-classes packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-35480\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known 
exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mediawiki-classes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"mediawiki\", reference:\"1:1.27.7-1~deb9u7\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"mediawiki-classes\", reference:\"1:1.27.7-1~deb9u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": 
"2022-12-01T15:22:14", "description": "Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or the disclosure of hidden users.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-12-21T00:00:00", "type": "nessus", "title": "Debian DSA-4816-1 : mediawiki - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-35475", "CVE-2020-35477", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mediawiki", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4816.NASL", "href": "https://www.tenable.com/plugins/nessus/144477", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4816. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144477);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-35475\", \"CVE-2020-35477\", \"CVE-2020-35479\", \"CVE-2020-35480\");\n script_xref(name:\"DSA\", value:\"4816\");\n\n script_name(english:\"Debian DSA-4816-1 : mediawiki - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in MediaWiki, a website\nengine for collaborative work, which could result in cross-site\nscripting or the disclosure of hidden users.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971985\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/mediawiki\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/mediawiki\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4816\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the mediawiki packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 1:1.31.12-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-35480\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"mediawiki\", reference:\"1:1.31.12-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"mediawiki-classes\", reference:\"1:1.31.12-1~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-12-01T15:20:52", "description": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December /000268.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-12-28T00:00:00", "type": "nessus", "title": "Fedora 33 : mediawiki (2020-0be2d40e13)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-35474", "CVE-2020-35475", "CVE-2020-35477", "CVE-2020-35478", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mediawiki", "cpe:/o:fedoraproject:fedora:33"], "id": "FEDORA_2020-0BE2D40E13.NASL", "href": "https://www.tenable.com/plugins/nessus/144618", 
"sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-0be2d40e13.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144618);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-35474\", \"CVE-2020-35475\", \"CVE-2020-35477\", \"CVE-2020-35478\", \"CVE-2020-35479\", \"CVE-2020-35480\");\n script_xref(name:\"FEDORA\", value:\"2020-0be2d40e13\");\n\n script_name(english:\"Fedora 33 : mediawiki (2020-0be2d40e13)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December\n/000268.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-0be2d40e13\"\n );\n # https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December/000268.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?64ad537e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mediawiki package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-35480\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 33\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC33\", reference:\"mediawiki-1.35.1-1.fc33\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mediawiki\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:56", "description": "Arch Linux Security Advisory ASA-202101-22\n==========================================\n\nSeverity: Medium\nDate : 2021-01-12\nCVE-ID : CVE-2020-35474 CVE-2020-35475 CVE-2020-35477 CVE-2020-35478\nCVE-2020-35479 CVE-2020-35480\nPackage : mediawiki\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1371\n\nSummary\n=======\n\nThe package mediawiki before version 1.35.1-1 is vulnerable to multiple\nissues including cross-site scripting and information disclosure.\n\nResolution\n==========\n\nUpgrade to 1.35.1-1.\n\n# pacman -Syu \"mediawiki>=1.35.1-1\"\n\nThe problems have been fixed upstream in version 1.35.1.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2020-35474 (cross-site scripting)\n\nIn MediaWiki before 1.35.1, the combination of Html::rawElement and\nMessage::text leads to XSS because the definition of\nMediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so\nthat the output is raw HTML.\n\n- CVE-2020-35475 (cross-site scripting)\n\nIn MediaWiki before 1.35.1, the messages userrights-expiry-current 
and\nuserrights-expiry-none can contain raw HTML. XSS can happen when a user\nvisits Special:UserRights but does not have rights to change all\nuserrights, and the table on the left side has unchangeable groups in\nit. (The right column with the changeable groups is not affected and is\nescaped correctly.)\n\n- CVE-2020-35477 (information disclosure)\n\nMediaWiki before 1.35.1 blocks legitimate attempts to hide log entries\nin some situations. If one sets MediaWiki:Mainpage to\nSpecial:MyLanguage/Main Page, visits a log entry on Special:Log, and\ntoggles the \"Change visibility of selected log entries\" checkbox (or a\ntags checkbox) next to it, there is a redirection to the main page's\naction=historysubmit (instead of the desired behavior in which a\nrevision-deletion form appears).\n\n- CVE-2020-35478 (cross-site scripting)\n\nMediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php.\nMediaWiki:blanknamespace potentially can be output as raw HTML with\nSCRIPT tags via LogFormatter::makePageLink(). This affects MediaWiki\n1.33.0 and later.\n\n- CVE-2020-35479 (cross-site scripting)\n\nMediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php.\nLanguage::translateBlockExpiry itself does not escape in all code\npaths. For example, the return of Language::userTimeAndDate is\nalways unsafe for HTML in a month value. This affects MediaWiki 1.12.0\nand later.\n\n- CVE-2020-35480 (information disclosure)\n\nAn issue was discovered in MediaWiki before 1.35.1. Missing users\n(accounts that don't exist) and hidden users (accounts that have been\nexplicitly hidden due to being abusive, or similar) that the viewer\ncannot see are handled differently, exposing sensitive information\nabout the hidden status to unprivileged viewers. 
This exists on various\ncode paths.\n\nImpact\n======\n\nA malicious remote user might execute code in the browser or disclose\nsensitive information.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/69132\nhttps://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December/000268.html\nhttps://phabricator.wikimedia.org/T268894\nhttps://github.com/wikimedia/mediawiki/commit/a8b1d863bccc6b326329d0593f8126c351c6e1be\nhttps://phabricator.wikimedia.org/T268917\nhttps://github.com/wikimedia/mediawiki/commit/1f9756a4905cf61dbb3a3d742a0e2296d555c6fe\nhttps://phabricator.wikimedia.org/T205908\nhttps://github.com/wikimedia/mediawiki/commit/ac7aa53532bab782c7453e302d20e8a0712c8395\nhttps://phabricator.wikimedia.org/T268938\nhttps://github.com/wikimedia/mediawiki/commit/3437133440b6d535c25e4ae28020c809a30849b5\nhttps://github.com/wikimedia/mediawiki/commit/78663c50df6b953f4c832e1530515ebe91e1eb5d\nhttps://phabricator.wikimedia.org/T120883\nhttps://github.com/wikimedia/mediawiki/commit/15bed1201ea21ce477a16e9d02170244b0086fb4\nhttps://github.com/wikimedia/mediawiki/commit/aca0e52f5ce9312a4af4f411c756497902483a48\nhttps://security.archlinux.org/CVE-2020-35474\nhttps://security.archlinux.org/CVE-2020-35475\nhttps://security.archlinux.org/CVE-2020-35477\nhttps://security.archlinux.org/CVE-2020-35478\nhttps://security.archlinux.org/CVE-2020-35479\nhttps://security.archlinux.org/CVE-2020-35480", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-01-12T00:00:00", "type": "archlinux", "title": "[ASA-202101-22] mediawiki: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": 
"MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35474", "CVE-2020-35475", "CVE-2020-35477", "CVE-2020-35478", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2021-01-12T00:00:00", "id": "ASA-202101-22", "href": "https://security.archlinux.org/ASA-202101-22", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2021-07-28T14:46:52", "description": "MediaWiki is the software used for Wikipedia and the other Wikimedia Foundation websites. Compared to other wikis, it has an excellent range of features and support for high-traffic websites using multiple servers This package supports wiki farms. Read the instructions for creating wiki instances under /usr/share/doc/mediawiki/README.RPM. Remember to remove the config dir after completing the configuration. 
", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-12-27T01:41:09", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: mediawiki-1.35.1-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-35474", "CVE-2020-35475", "CVE-2020-35477", "CVE-2020-35478", "CVE-2020-35479", "CVE-2020-35480"], "modified": "2020-12-27T01:41:09", "id": "FEDORA:7D12D309C1CA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/STT5Z4A3BCXVH3WIPICWU2FP4IPIMUPC/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}]}