CVE-2020-35475
Severity: HIGH
MediaWiki < 1.35.1 - Cross-Site Scripting in UserRights Special Page
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. (The right column with the changeable groups is not affected and is escaped correctly.)
References (4)
Issue Tracking, Third Party Advisory: https://phabricator.wikimedia.org/T268917
Mailing List, Release Notes, Vendor Advisory: https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-December/000268.html
Third Party Advisory, Debian vendor advisory: https://www.debian.org/security/2020/dsa-4816
Mailing List, Third Party Advisory, Fedora vendor advisory: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/STT5Z4A3BCXVH3WIPICWU2FP4IPIMUPC/
Scores
CVSS v3: 7.5
EPSS: 0.0059
EPSS Percentile: 69.5%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE: CWE-79
Status: published
Products (3)
debian/debian_linux: 10.0
fedoraproject/fedora: 33
mediawiki/mediawiki: < 1.35.1
Published: Dec 18, 2020
Tracked Since: Feb 18, 2026