vulnerability
MediaWiki: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2020-25814)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Sep 27, 2020 | Oct 7, 2020 | Nov 8, 2023 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Sep 27, 2020
Added
Oct 7, 2020
Modified
Nov 8, 2023
Description
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked.
Solutions
mediawiki-upgrade-1_31_10mediawiki-upgrade-1_34_4
References
- CVE-2020-25814
- https://attackerkb.com/topics/CVE-2020-25814
- URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6/
- URL-https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
- URL-https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
- URL-https://www.mediawiki.org/wiki/ResourceLoader/Core_modules#mediawiki.jqueryMsg
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.