CVE-2020-35477 in MediaWiki
Summary
by MITRE • 12/18/2020
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries" checkbox (or a tags checkbox) next to it, there is a redirection to the main page's action=historysubmit (instead of the desired behavior in which a revision-deletion form appears).
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 06/11/2026
This vulnerability in MediaWiki versions prior to 1.35.1 represents a critical access control flaw that undermines the platform's ability to properly manage log entry visibility. The issue stems from a flawed redirection mechanism within the Special:Log page functionality where legitimate administrative actions intended to modify log entry visibility are incorrectly routed to the main page's revision history submission endpoint rather than the appropriate revision deletion form. This misdirection occurs specifically when users attempt to toggle visibility settings for log entries through the standard interface elements. The technical flaw manifests as a failure in the request routing logic that should have directed users to the proper administrative form for managing log entry visibility, instead defaulting to a generic history submission endpoint that lacks the necessary permissions and functionality for log entry manipulation. This vulnerability directly impacts the integrity of MediaWiki's logging system and can be exploited by malicious actors to bypass intended access controls, potentially allowing unauthorized users to manipulate log entry visibility or prevent legitimate administrators from performing required maintenance tasks.
The operational impact of this vulnerability extends beyond simple usability issues to encompass serious security implications for MediaWiki deployments. When legitimate administrative users attempt to hide or modify log entries through the standard interface, they are instead redirected to a page that does not support the intended functionality, effectively rendering the visibility management feature non-functional. This creates a scenario where system administrators cannot properly manage sensitive log data, potentially leading to information disclosure or compliance violations depending on the nature of the log entries being managed. The flaw also represents a breakdown in the principle of least privilege, as it allows for potential bypass of access controls that should restrict log entry modification to authorized personnel only. According to CWE classification, this vulnerability aligns with CWE-284 Access Control Issues, specifically concerning improper access control mechanisms that allow unauthorized operations. The issue also intersects with ATT&CK technique T1566 Credential Access through Social Engineering, as it could enable attackers to manipulate log data to hide malicious activities or prevent detection of security incidents.
The remediation strategy for this vulnerability requires immediate implementation of the patched MediaWiki version 1.35.1 or subsequent releases that properly address the redirection logic. System administrators should conduct thorough testing of all log management functionality following the upgrade to ensure that visibility toggling operations correctly route to the appropriate administrative forms. Organizations should also implement monitoring for unusual patterns in log entry access or modification attempts that might indicate exploitation of this vulnerability during the interim period. Security teams should review existing access controls and administrative procedures to ensure that log management capabilities are properly restricted to authorized personnel only. The fix addresses the core issue by correcting the URL routing logic that was incorrectly redirecting users from the log entry management interface to the main page history submission endpoint, thereby restoring proper access control and functionality for legitimate administrative operations. Additionally, organizations should consider implementing automated testing procedures to verify that administrative interfaces properly route users to the correct endpoints, preventing similar issues from arising in future deployments or custom modifications.