Description

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

Remediation

References

CVE-2020-25869

Related Vulnerabilities

MySQL CVE-2020-14878 Vulnerability (CVE-2020-14878)

Joomla CVE-2012-5827 Vulnerability (CVE-2012-5827)

PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-0568)

WordPress Plugin Export any WordPress data to XML/CSV Cross-Site Scripting (1.3.5)

MySQL CVE-2019-2963 Vulnerability (CVE-2019-2963)

Severity

High

Classification

CVE-2020-25869 CWE-755 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities