|Category:||Web application abuses|
|Title:||MediaWiki <= 1.35.0 Multiple Vulnerabilities (Windows)|
|Summary:||MediaWiki is prone to multiple vulnerabilities.|
MediaWiki is prone to multiple vulnerabilities.
The following vulnerabilities exist:
- Cross-site scripting (XSS) in the Cosmos Skin because
messages are not properly escaped (CVE-2020-27620)
- User actions performed via the FileImporter extension
cannot be properly audited and attributed (CVE-2020-27621)
Successful exploitation would allow an attacker to
MediaWiki through version 1.35.0.
No known solution is available as of 26th October, 2020.
Information regarding this issue will be updated once solution details are available.
Common Vulnerability Exposure (CVE) ID: CVE-2020-27620|
Common Vulnerability Exposure (CVE) ID: CVE-2020-27621
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.