CVE-2020-35477
CVSS v3.1
5.3 (Medium)
CVSS v2.0
5 (Medium)
EPSS
0.22 % (61th)
Affected Products
3
Advisories
3
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries" checkbox (or a tags checkbox) next to it, there is a redirection to the main page's action=historysubmit (instead of the desired behavior in which a revision-deletion form appears).
Weaknesses
- CWE-670
- Always-Incorrect Control Flow Implementation
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2020-12-18 08:15:15
(3 years ago) - Updated Date
-
2023-11-07 03:21:55
(10 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...