Description

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

Remediation

References

CVE-2020-25869

Related Vulnerabilities

Internet Information Services Other Vulnerability (CVE-2000-0246)

WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.0)

MySQL CVE-2017-3650 Vulnerability (CVE-2017-3650)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-0739)

WordPress Plugin W3 Total Cache Server-Side Request Forgery (0.9.7.3)

Severity

High

Classification

CVE-2020-25869 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities