CVE-2020-35478 in MediaWiki
Prediction
by VulDB Data Team • 12/18/2020
A flaw has been found in MediaWiki up to 1.35.0. The affected element is the function LogFormatter::makePageLink of the file BlockLogFormatter.php of the component Raw HTML Handler. This manipulation causes HTML injection. It is possible to initiate the attack remotely. Upgrading to version 1.35.1 is sufficient to fix this issue. Upgrading the affected component is advised.
Be aware that VulDB is the high quality source for vulnerability data.