PT-2020-5805 · Mediawiki+1

Umherirrender · Published 2020-11-29 · Updated 2024-03-06 · CVE-2020-35479

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.12.0 through 1.35.0
Description: The BlockLogFormatter.php component of MediaWiki does not adequately protect its output, allowing a remote attacker to compromise data integrity. The Language::translateBlockExpiry function does not escape its result on every code path, so the value returned by Language::userTimeAndDate (in particular month names) is not safe for direct use in HTML.
Recommendations: For MediaWiki versions 1.12.0 through 1.35.0, update to version 1.35.1 or later. As a temporary workaround until the patch can be applied, consider disabling the Language::translateBlockExpiry function. Restrict access to the BlockLogFormatter.php component to minimize the risk of exploitation.

Weakness Enumeration

XSS

Related Identifiers

ALT-PU-2020-3554
ALT-PU-2020-3568
BDU:2021-01770
BIT-MEDIAWIKI-2020-35479
CVE-2020-35479
DLA-2504-1
DSA-4816-1
MGASA-2021-0086

Affected Products

Alt Linux
Mediawiki