CVE-2020-25814Cross-site Scripting in Mediawiki

CWE-79Cross-site Scripting6 documents5 sources
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 43.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
MediawikiMediawiki CoreDebian Mediawiki+1 more
Timeline
PublishedSep 27
Latest updateMay 24

Description

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages4 packages

Packagistmediawiki/core1.31.01.31.9+2
debiandebian/mediawiki< mediawiki 1:1.35.0-1 (bookworm)
NVDmediawiki/mediawiki1.32.01.34.4+1
Debianmediawiki/mediawiki< 1:1.35.0-1+3

Also affects: Fedora 33

🔴Vulnerability Details

3
GHSA
MediaWiki Cross-site Scripting (XSS) vulnerability2022-05-24
OSV
MediaWiki Cross-site Scripting (XSS) vulnerability2022-05-24
OSV
CVE-2020-25814: In MediaWiki before 12020-09-27

📋Vendor Advisories

2
Red Hat
mediawiki: XSS via javascript:payload2020-09-27
Debian
CVE-2020-25814: mediawiki - In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related...2020
CVE-2020-25814 — Cross-site Scripting in Mediawiki | cvebase