CVE-2020-35625

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-35625

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-35625.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-35625

Aliases

BIT-mediawiki-2020-35625

Published

2020-12-21T23:15:12Z

Modified

2025-01-14T08:51:49.270386Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the ability to edit pages within the Widgets namespace could call any static function within any class (defined within PHP or MediaWiki) via a crafted HTML comment, related to a Smarty template. For example, a person in the Widget Editors group could use \MediaWiki\Shell\Shell::command within a comment.

References

Affected packages

Git / github.com/wikimedia/mediawiki

Affected ranges

Type: GIT
Repo: https://github.com/wikimedia/mediawiki
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3e26b5ff1468f98cf306575d125b29a6645bf2ea

Affected versions

1.*

1.1.0

1.3.0beta1

1.35.0

1.35.0-rc.0

1.35.0-rc.1

1.35.0-rc.2

1.35.0-rc.3

1.35.1

1.5.0alpha1

1.5.0alpha2

1.5.0beta1

1.5.0beta2

1.5.0beta3

1.5.0beta4

1.6.0