Description

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

Remediation

References

CVE-2020-25869

Related Vulnerabilities

Citrix NetScaler Information Disclosure 'Citrix Bleed' (CVE-2023-4966)

WordPress Plugin FeedWordPress Cross-Site Scripting (2014.0805)

Django URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-7233)

SharePoint CVE-2025-21344 Vulnerability (CVE-2025-21344)

Atlassian Jira CVE-2020-36286 Vulnerability (CVE-2020-36286)

Severity

High

Classification

CVE-2020-25869 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities