EPSS
Percentile
57.3%
mediawiki is vulnerable to cross-site scripting (XSS). The vulnerability exists when a user visits Special:UserRights and does not have rights to change all userrights, and the table on the left side has unchangeable groups in it.
Special:UserRights
lists.fedoraproject.org/archives/list/[email protected]/message/STT5Z4A3BCXVH3WIPICWU2FP4IPIMUPC/
lists.wikimedia.org/pipermail/mediawiki-announce/2020-December/000268.html
phabricator.wikimedia.org/T268917
security-tracker.debian.org/tracker/CVE-2020-35475
www.debian.org/security/2020/dsa-4816