Vulnerability CVE-2020-35625: Information

Description

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the ability to edit pages within the Widgets namespace could call any static function within any class (defined within PHP or MediaWiki) via a crafted HTML comment, related to a Smarty template. For example, a person in the Widget Editors group could use \MediaWiki\Shell\Shell::command within a comment.

Severity: HIGH (8.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: Dec. 22, 2020
Modified: July 21, 2021
Error type identifier: CWE-862

Fixed packages

Package name                   Branch    Fixed in version  Version from repository  Errata ID           Task #  State
mediawiki                      sisyphus  1.35.2-alt1       1.40.1-alt2              ALT-PU-2021-1712-1  270649  Fixed
mediawiki                      p10       1.35.2-alt1       1.40.1-alt2              ALT-PU-2021-1712-1  270649  Fixed
mediawiki                      p9        1.36.1-alt1       1.36.1-alt1              ALT-PU-2021-2091-1  274917  Fixed
mediawiki                      c10f1     1.35.2-alt1       1.37.2-alt1              ALT-PU-2021-1712-1  270649  Fixed
mediawiki-extensions-Widgets  sisyphus  1.3.0-alt1git     1.3.0-alt1git            ALT-PU-2021-2069-1  276124  Fixed
mediawiki-extensions-Widgets  p10       1.3.0-alt1git     1.3.0-alt1git            ALT-PU-2021-2069-1  276124  Fixed
mediawiki-extensions-Widgets  p9        1.3.0-alt1git     1.3.0-alt1git            ALT-PU-2021-2092-1  274917  Fixed
mediawiki-extensions-Widgets  c10f1     1.3.0-alt1git     1.3.0-alt1git            ALT-PU-2021-2069-1  276124  Fixed

References to Advisories, Solutions, and Tools

Affected configuration 1:
    cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*
    Versions up to and including 1.35.1