Bitnami package
mediawiki
pkg:bitnami/mediawiki
Vulnerabilities (172)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25828 | — | >= 1.31.10, < 1.31.11 | 1.31.11 | Sep 27, 2020 | An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). | ||
| CVE-2020-25814 | — | < 1.31.10 | 1.31.10 | Sep 27, 2020 | In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not c | ||
| CVE-2020-25815 | — | >= 1.32.0, < 1.34.4 | 1.34.4 | Sep 27, 2020 | An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text(). | ||
| CVE-2020-25812 | — | >= 1.34.0, < 1.34.4 | 1.34.4 | Sep 27, 2020 | An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML. | ||
| CVE-2020-26121 | — | < 1.34.4 | 1.34.4 | Sep 27, 2020 | An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction betwee | ||
| CVE-2020-26120 | — | < 1.34.4 | 1.34.4 | Sep 27, 2020 | XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image callback | ||
| CVE-2020-15005 | — | < 1.31.8 | 1.31.8 | Jun 24, 2020 | In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs | ||
| CVE-2020-10959 | — | < 1.35.0 | 1.35.0 | Jun 2, 2020 | resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. | ||
| CVE-2020-12051 | — | — | — | Apr 21, 2020 | The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access | ||
| CVE-2020-10960 | — | < 1.34.1 | 1.34.1 | Apr 3, 2020 | In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows apply | ||
| CVE-2020-10534 | — | < 1.34.1 | 1.34.1 | Mar 12, 2020 | In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locall | ||
| CVE-2020-6163 | — | >= 1.35.0, < 1.35.1 | 1.35.1 | Jan 8, 2020 | The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template (in the templates/search/PropertySuggestionsWidget.mustache+dom file). |
- CVE-2020-25828Sep 27, 2020affected >= 1.31.10, < 1.31.11fixed 1.31.11
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input).
- CVE-2020-25814Sep 27, 2020affected < 1.31.10fixed 1.31.10
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not c
- CVE-2020-25815Sep 27, 2020affected >= 1.32.0, < 1.34.4fixed 1.34.4
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text().
- CVE-2020-25812Sep 27, 2020affected >= 1.34.0, < 1.34.4fixed 1.34.4
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.
- CVE-2020-26121Sep 27, 2020affected < 1.34.4fixed 1.34.4
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction betwee
- CVE-2020-26120Sep 27, 2020affected < 1.34.4fixed 1.34.4
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method, which can cause image callback
- CVE-2020-15005Jun 24, 2020affected < 1.31.8fixed 1.31.8
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs
- CVE-2020-10959Jun 2, 2020affected < 1.35.0fixed 1.35.0
resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page.
- CVE-2020-12051Apr 21, 2020
The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access
- CVE-2020-10960Apr 3, 2020affected < 1.34.1fixed 1.34.1
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows apply
- CVE-2020-10534Mar 12, 2020affected < 1.34.1fixed 1.34.1
In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locall
- CVE-2020-6163Jan 8, 2020affected >= 1.35.0, < 1.35.1fixed 1.35.1
The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget template (in the templates/search/PropertySuggestionsWidget.mustache+dom file).
Page 9 of 9