Security Advisory

CVE-2020-25812

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-27 20:25:18

Last updated 2024-08-04 15:40:36

Assigner mitre

State PUBLISHED

Description

An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.

← Browse all CVEs View on cve.org ↗