Description

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

Remediation

References

CVE-2020-25869

Related Vulnerabilities

MongoDb Improper Input Validation Vulnerability (CVE-2019-2389)

Python Resource Management Errors Vulnerability (CVE-2011-1521)

WordPress Plugin Analyticator Multiple Cross-Site Scripting Vulnerabilities (6.4.9.5)

Drupal Core 4.6.x Multiple Cross-Site Scripting Vulnerabilities (4.6.0 - 4.6.9)

WebERP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2018-19436)

Severity

High

Classification

CVE-2020-25869 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities