CVE-2020-25869

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-25869

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25869.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-25869

Aliases

BIT-mediawiki-2020-25869

Related

MGASA-2020-0381

Published

2020-09-27T21:15:12.937Z

Modified

2026-03-14T10:23:17.329422Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type

GIT

Repo

https://github.com/wikimedia/mediawiki

Events

Introduced

Fixed

0fa7240e6a81be24dc0eb3c250ec2a25a2099faa

Introduced

0fbb878ef366477535a709b0c2564bdcf4b176d1

Fixed

e34e7f20b51ed7514ba6de8d8a390363ade2237f

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.31.10"
        },
        {
            "introduced": "1.32.0"
        },
        {
            "fixed": "1.34.4"
        }
    ]
}

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-25869.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "33"
            }
        ]
    }
]