PT-2020-5806 · Mediawiki+1

Umherirrender · Published 2020-11-28 · Updated 2024-03-06 · CVE-2020-35475

CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.1
Description: The issue is related to the messages userrights-expiry-current and userrights-expiry-none containing raw HTML, which can lead to XSS when a user visits Special:UserRights without having the rights to change all userrights, and the table on the left side has unchangeable groups in it. The right column with the changeable groups is not affected and is escaped correctly.
Recommendations: For MediaWiki versions prior to 1.35.1, update to version 1.35.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Special:UserRights page until the update is applied.

Fix

XSS

Improper Encoding or Escaping of Output

Weakness Enumeration

Related Identifiers

ALT-PU-2020-3554
ALT-PU-2020-3568
BDU:2021-01772
BIT-MEDIAWIKI-2020-35475
CVE-2020-35475
DSA-4816-1
MGASA-2021-0086

Affected Products

Alt Linux
Mediawiki