CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-29003
https://notcve.org/view.php?id=CVE-2020-29003
24 Nov 2020 — The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll. La extensión PollNY para MediaWiki versiones hasta 1.35, permite un ataque de tipo XSS por medio de una opción de respuesta para una pregunta de encuesta, ingresada durante Special:CreatePoll o Special:UpdatePoll • https://phabricator.wikimedia.org/T266508 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-27957
https://notcve.org/view.php?id=CVE-2020-27957
28 Oct 2020 — The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. When certain varieties of games were created within MediaWiki, their names or titles could be manipulated to generate stored XSS within the RandomGameUnit extension. La extensión RandomGameUnit para MediaWiki hasta la versión 1.35 no escapaba adecuadamente a varios datos relacionados con los títulos. Cuando se crearon ciertas variedades de juegos dentro de MediaWiki, sus nombres o títulos podían ser... • https://gerrit.wikimedia.org/r/q/I497d2076038f75c9eb77e0e250f2af56f5bd2bfc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27620
https://notcve.org/view.php?id=CVE-2020-27620
22 Oct 2020 — The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS because MediaWiki messages were not being properly escaped. This is related to wfMessage and Html::rawElement, as demonstrated by CosmosSocialProfile::getUserGroups. El Cosmos Skin para MediaWiki versiones hasta 1.35.0, presenta una vulnerabilidad de tipo XSS almacenado porque los mensajes de MediaWiki no se escapaban apropiadamente. Esto está relacionado con las funciones wfMessage y Html::rawElement, como es demostrado en la función CosmosSo... • https://gerrit.wikimedia.org/r/c/mediawiki/skins/Cosmos/+/634749 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2020-27621
https://notcve.org/view.php?id=CVE-2020-27621
22 Oct 2020 — The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Instead, for various actions, it would report the IP address of an internal Wikimedia Foundation server by omitting X-Forwarded-For data. This resulted in an inability to properly audit and attribute various user actions performed via the FileImporter extension. La extensión FileImporter en MediaWiki versiones hasta 1.35.0 no atribuía apropiadamente varias acciones de usu... • https://gerrit.wikimedia.org/r/q/I24a240253c7a5c66dd493a68e8c23d95a17e1b21 •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25813 – Debian Security Advisory 4767-1
https://notcve.org/view.php?id=CVE-2020-25813
27 Sep 2020 — In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. En MediaWiki versiones anteriores a 1.31.10 y desde 1.32.x hasta 1.34.x anteriores a 1.34.4, Special:UserRights expone la existencia de usuarios ocultos Multiple security issues were discovered in MediaWiki, a website engine existed or not, multiple code paths lacked HTML sanitisation allowing for cross-site scripting and TOTP validation applied insufficient rate limiting against br... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-25827 – Debian Security Advisory 4767-1
https://notcve.org/view.php?id=CVE-2020-25827
27 Sep 2020 — An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently. Se detectó un problema en la extensión OATHAuth en MediaWiki versiones anteriores a 1.31.10 y desde 1.32.x hasta 1.34.x anteriores a 1.34.4. Para los wikis que usan OATHAuth en u... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25869
https://notcve.org/view.php?id=CVE-2020-25869
27 Sep 2020 — An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki. Se detectó un filtrado de información en MediaWiki versiones anteriores a 1.31.10 y desde 1.32.x hasta 1.34.x anteriores a 1.34.4. El manejo de la identificación del actor no necesariamente usa la base de datos correcta o la wiki correcta • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6 • CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25828 – Debian Security Advisory 4767-1
https://notcve.org/view.php?id=CVE-2020-25828
27 Sep 2020 — An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). (When jqueryMsg is loaded, it correctly accepts only whitelisted tags in message contents, and escapes all parameters. Situations with an unloaded jqueryMsg are rare in practice, but can for example occur for Special:SpecialPages o... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25814 – Debian Security Advisory 4767-1
https://notcve.org/view.php?id=CVE-2020-25814
27 Sep 2020 — In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an https://notcve.org/view.php?id=CVE-2020-25815 27 Sep 2020 — An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text(). Se detectó un problema en MediaWiki desde 1.32.x hasta 1.34.x anteriores a 1.34.4. La función LogEventList::getFiltersDesc usa de forma no segura el texto del mensaje para crear nombres de opciones para un campo de selección múltiple HTML. • https://gerrit.wikimedia.org/g/mediawiki/core/+/ec76e14be658187544f07c1a249a047e1a75eaf8/includes/logging/LogEventsList.php#214 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') • CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-25815 – Debian Security Advisory 4767-1