CVSS: 6.1 • EPSS: 0% • CPEs: 2 • EXPL: 0

27 Sep 2020 — An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML. • https://gerrit.wikimedia.org/g/mediawiki/core/+/ad4a3ba45fb955aa8c0eb3c83809b16b40a498b9/includes/specials/SpecialContributions.php#592 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

27 Sep 2020 — An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an upload restriction and a create restriction. An attacker cannot leverage this to overwrite anything, but can leverage this to force a wiki to have a page with a disallowed title. • https://commons.wikimedia.org/w/index.php?oldid=454609892#File:Wiki.png • CWE-863: Incorrect Authorization

CVSS: 6.1 • EPSS: 0% • CPEs: 2 • EXPL: 1

27 Sep 2020 — XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image callbacks to fire even without the element being appended to the DOM. • https://gerrit.wikimedia.org/r/q/I42e079bc875d17b336ab015f3678eaedc26e10ea • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 3.1 • EPSS: 0% • CPEs: 6 • EXPL: 0

24 Jun 2020 — In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control and Vary headers were mishandled. • https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_31/RELEASE-NOTES-1.31

CVSS: 6.1 • EPSS: 0% • CPEs: 1 • EXPL: 1

02 Jun 2020 — resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. • https://gerrit.wikimedia.org/r/c/mediawiki/core/+/536725 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

21 Apr 2020 — The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access would be denied when simply visiting wiki/Special:CentralAuth in a web browser. • https://gerrit.wikimedia.org/r/#/q/I3c80641dc1202df7428714f0ca44717a51ff6021

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 1

03 Apr 2020 — In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler to any Cascading Style Sheets (CSS) selector. There is no known way to exploit this for cross-site scripting (XSS). • https://lists.wikimedia.org/pipermail/wikitech-l/2020-March/093243.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

20 Mar 2020 — An issue was discovered in the AbuseFilter extension for MediaWiki. includes/special/SpecialAbuseLog.php allows attackers to obtain sensitive information, such as deleted/suppressed usernames and summaries, from AbuseLog revision data. This affects REL1_32 and REL1_33. • https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/538051 • CWE-532: Insertion of Sensitive Information into Log File

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Mar 2020 — An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results, in violation of MediaWiki's permissions model. • https://phabricator.wikimedia.org/T207094

CVSS: 6.1 • EPSS: 0% • CPEs: 3 • EXPL: 1

19 Mar 2020 — In the MobileFrontend extension for MediaWiki, XSS exists within the edit summary field of the watchlist feed. This affects REL1_31, REL1_32, and REL1_33. • https://phabricator.wikimedia.org/T230576 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')