Lucene search
GoogleOSV:CVE-2020-35474HistoryDec 18, 2020 - 8:15 a.m.
CVE-2020-35474
2020-12-1808:15:15
Google
osv.dev
9
mediawiki
xss
vulnerability
html
recent changes
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML.
Related
ubuntucve
ubuntucve
CVE-2020-35474
2020-12-18 00:00:00
redhatcve
redhatcve
CVE-2020-35474
2020-12-18 17:09:52
debiancve
debiancve
CVE-2020-35474
2020-12-18 08:15:15
osv
osv
BIT-mediawiki-2020-35474
2024-03-06 11:13:33
nvd
nvd
CVE-2020-35474
2020-12-18 08:15:15
prion
prion
Design/Logic Flaw
2020-12-18 08:15:00
veracode
veracode
Cross-site Scripting (XSS)
2020-12-19 01:34:47
cvelist
cvelist
CVE-2020-35474
2020-12-18 07:30:48
cve
cve
CVE-2020-35474
2020-12-18 08:15:15
altlinux
altlinux
Security fix for the ALT Linux 9 package mediawiki version 1.35.1-alt1
2020-12-30 00:00:00
openvas
openvas
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Windows
2020-12-22 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2020-0be2d40e13)
2020-12-28 00:00:00
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Linux
2020-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mediawiki-1.35.1-1.fc33
2020-12-27 01:41:09
archlinux
archlinux
[ASA-202101-22] mediawiki: multiple issues
2021-01-12 00:00:00
nessus
nessus
Fedora 33 : mediawiki (2020-0be2d40e13)
2020-12-28 00:00:00