Description

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

Remediation

References

CVE-2020-25869

Related Vulnerabilities

WordPress 5.8.x Multiple Vulnerabilities (5.8 - 5.8.2)

SharePoint CVE-2024-43503 Vulnerability (CVE-2024-43503)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-42115)

WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)

MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-1578)

Severity

High

Classification

CVE-2020-25869 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities