CVE-2020-25812 – An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the N …

Vuln ID: CVE-2020-25812

Published:  2020-09-27  21:15:12Z

Description: An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.

Source: NVD.NIST.GOV

 

Date:

Categorie(s):

Tag(s):