Skip to main content
CVE-2020-26120 MEDIUM POC This Month

XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mediawiki Fedora
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-25828 MEDIUM PATCH This Month

An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mediawiki Fedora
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-25815 MEDIUM PATCH This Month

An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Mediawiki Fedora
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-25814 MEDIUM PATCH This Month

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mediawiki Fedora
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-25812 MEDIUM PATCH This Month

An issue was discovered in MediaWiki 1.34.x before 1.34.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mediawiki Fedora
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-25813 MEDIUM PATCH This Month

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki Fedora
NVD
CVSS 3.1
5.3
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy