CVE-2020-25814 – mediawiki/core

Package

Manager: composer
Name: mediawiki/core
Vulnerable Version: >=1.31.0 <1.31.9 || >=1.32.0 <1.34.3 || >=1.35.0-rc.0 <1.35.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00465 pctl0.63417

Details

MediaWiki Cross-site Scripting (XSS) vulnerability In MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked.

Metadata

Created: 2022-05-24T17:29:42Z
Modified: 2024-05-17T21:56:21Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-4vr7-m8p8-434h/GHSA-4vr7-m8p8-434h.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-4vr7-m8p8-434h
Finding: F008
Auto approve: 1