Lucene search
Veracode Vulnerability DatabaseVERACODE:28641HistoryDec 19, 2020 - 1:34 a.m.
Cross-site Scripting (XSS)
2020-12-1901:34:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
mediawiki
xss
vulnerability
html::rawelement
message::text
EPSS
0.001
Percentile
47.8%
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML.
Related
ubuntucve
ubuntucve
CVE-2020-35474
2020-12-18 00:00:00
redhatcve
redhatcve
CVE-2020-35474
2020-12-18 17:09:52
debiancve
debiancve
CVE-2020-35474
2020-12-18 08:15:15
osv
osv
BIT-mediawiki-2020-35474
2024-03-06 11:13:33
CVE-2020-35474
2020-12-18 08:15:15
nvd
nvd
CVE-2020-35474
2020-12-18 08:15:15
prion
prion
Design/Logic Flaw
2020-12-18 08:15:00
cvelist
cvelist
CVE-2020-35474
2020-12-18 07:30:48
cve
cve
CVE-2020-35474
2020-12-18 08:15:15
altlinux
altlinux
Security fix for the ALT Linux 9 package mediawiki version 1.35.1-alt1
2020-12-30 00:00:00
openvas
openvas
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Windows
2020-12-22 00:00:00
Fedora: Security Advisory for mediawiki (FEDORA-2020-0be2d40e13)
2020-12-28 00:00:00
MediaWiki < 1.31.11, 1.32 < 1.35.1 Multiple Vulnerabilities - Linux
2020-12-22 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mediawiki-1.35.1-1.fc33
2020-12-27 01:41:09
archlinux
archlinux
[ASA-202101-22] mediawiki: multiple issues
2021-01-12 00:00:00
nessus
nessus
Fedora 33 : mediawiki (2020-0be2d40e13)
2020-12-28 00:00:00