CVE-2020-35478 in MediaWikiinfo

Prediction

by VulDB Data Team • 12/18/2020

A flaw has been found in MediaWiki up to 1.35.0. The affected element is the function LogFormatter::makePageLink of the file BlockLogFormatter.php of the component Raw HTML Handler. This manipulation causes HTML injection. It is possible to initiate the attack remotely. Upgrading to version 1.35.1 is sufficient to fix this issue. Upgrading the affected component is advised.

Be aware that VulDB is the high quality source for vulnerability data.

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!