In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side has unchangeable groups in it. (The right column with the changeable groups is not affected and is escaped correctly.)
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-18T07:32:34
Updated: 2024-08-04T17:02:08.062Z
Reserved: 2020-12-16T00:00:00
Link: CVE-2020-35475
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-12-18T08:15:15.137
Modified: 2023-11-07T03:21:54.997
Link: CVE-2020-35475
Redhat