Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
Typedeb
Namespacedebian
Namemediawiki
Version1:1.35.0-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:1.35.1-1
Latest_non_vulnerable_version1:1.43.8+dfsg-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-424y-cjxg-c7az
vulnerability_id VCID-424y-cjxg-c7az
summary 
MediaWiki Cross-site Scripting (XSS) vulnerability
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25815.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25815
reference_id
reference_type
scores
0
value 0.00387
scoring_system epss
scoring_elements 0.5985
published_at 2026-04-21T12:55:00Z
1
value 0.00387
scoring_system epss
scoring_elements 0.59866
published_at 2026-04-18T12:55:00Z
2
value 0.00387
scoring_system epss
scoring_elements 0.59859
published_at 2026-04-16T12:55:00Z
3
value 0.00387
scoring_system epss
scoring_elements 0.59839
published_at 2026-04-12T12:55:00Z
4
value 0.00387
scoring_system epss
scoring_elements 0.59856
published_at 2026-04-11T12:55:00Z
5
value 0.00387
scoring_system epss
scoring_elements 0.59835
published_at 2026-04-09T12:55:00Z
6
value 0.00387
scoring_system epss
scoring_elements 0.59822
published_at 2026-04-13T12:55:00Z
7
value 0.00387
scoring_system epss
scoring_elements 0.59801
published_at 2026-04-04T12:55:00Z
8
value 0.00387
scoring_system epss
scoring_elements 0.5977
published_at 2026-04-07T12:55:00Z
9
value 0.00387
scoring_system epss
scoring_elements 0.59777
published_at 2026-04-02T12:55:00Z
10
value 0.00387
scoring_system epss
scoring_elements 0.59703
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25815
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25815
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25815
3
reference_url https://gerrit.wikimedia.org/g/mediawiki/core/+/ec76e14be658187544f07c1a249a047e1a75eaf8/includes/logging/LogEventsList.php#214
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gerrit.wikimedia.org/g/mediawiki/core/+/ec76e14be658187544f07c1a249a047e1a75eaf8/includes/logging/LogEventsList.php#214
4
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25815.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25815.yaml
5
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
7
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
8
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25815
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25815
10
reference_url https://phabricator.wikimedia.org/T256171
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T256171
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903759
reference_id 1903759
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903759
12
reference_url https://github.com/advisories/GHSA-2f58-vf6g-6p8x
reference_id GHSA-2f58-vf6g-6p8x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2f58-vf6g-6p8x
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-25815, GHSA-2f58-vf6g-6p8x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-424y-cjxg-c7az
1
url VCID-arzd-7xhw-qqb4
vulnerability_id VCID-arzd-7xhw-qqb4
summary 
OATHAuth extension in MediaWiki is not implementing rate limit
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25827.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25827.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25827
reference_id
reference_type
scores
0
value 0.00239
scoring_system epss
scoring_elements 0.46991
published_at 2026-04-21T12:55:00Z
1
value 0.00239
scoring_system epss
scoring_elements 0.47042
published_at 2026-04-18T12:55:00Z
2
value 0.00239
scoring_system epss
scoring_elements 0.46983
published_at 2026-04-12T12:55:00Z
3
value 0.00239
scoring_system epss
scoring_elements 0.46988
published_at 2026-04-08T12:55:00Z
4
value 0.00239
scoring_system epss
scoring_elements 0.46987
published_at 2026-04-04T12:55:00Z
5
value 0.00239
scoring_system epss
scoring_elements 0.4697
published_at 2026-04-02T12:55:00Z
6
value 0.00239
scoring_system epss
scoring_elements 0.46934
published_at 2026-04-07T12:55:00Z
7
value 0.00239
scoring_system epss
scoring_elements 0.47046
published_at 2026-04-16T12:55:00Z
8
value 0.00239
scoring_system epss
scoring_elements 0.4699
published_at 2026-04-13T12:55:00Z
9
value 0.00239
scoring_system epss
scoring_elements 0.4701
published_at 2026-04-11T12:55:00Z
10
value 0.00239
scoring_system epss
scoring_elements 0.46985
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25827
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25827.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25827.yaml
11
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
14
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
15
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25827
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25827
17
reference_url https://phabricator.wikimedia.org/T251661
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T251661
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903761
reference_id 1903761
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903761
19
reference_url https://github.com/advisories/GHSA-rqvj-fc2x-99q6
reference_id GHSA-rqvj-fc2x-99q6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rqvj-fc2x-99q6
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-25827, GHSA-rqvj-fc2x-99q6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-arzd-7xhw-qqb4
2
url VCID-azup-qzq7-sbh6
vulnerability_id VCID-azup-qzq7-sbh6
summary 
MediaWiki Cross-site Scripting (XSS) vulnerability
In MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25814.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25814.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25814
reference_id
reference_type
scores
0
value 0.00336
scoring_system epss
scoring_elements 0.56468
published_at 2026-04-21T12:55:00Z
1
value 0.00336
scoring_system epss
scoring_elements 0.56498
published_at 2026-04-18T12:55:00Z
2
value 0.00336
scoring_system epss
scoring_elements 0.56464
published_at 2026-04-13T12:55:00Z
3
value 0.00336
scoring_system epss
scoring_elements 0.56483
published_at 2026-04-12T12:55:00Z
4
value 0.00336
scoring_system epss
scoring_elements 0.56507
published_at 2026-04-11T12:55:00Z
5
value 0.00336
scoring_system epss
scoring_elements 0.56497
published_at 2026-04-16T12:55:00Z
6
value 0.00336
scoring_system epss
scoring_elements 0.56441
published_at 2026-04-07T12:55:00Z
7
value 0.00336
scoring_system epss
scoring_elements 0.5646
published_at 2026-04-04T12:55:00Z
8
value 0.00336
scoring_system epss
scoring_elements 0.56492
published_at 2026-04-08T12:55:00Z
9
value 0.00336
scoring_system epss
scoring_elements 0.56437
published_at 2026-04-02T12:55:00Z
10
value 0.00336
scoring_system epss
scoring_elements 0.56339
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25814
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25814.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25814.yaml
11
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
13
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
14
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25814
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25814
16
reference_url https://phabricator.wikimedia.org/T86738
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T86738
17
reference_url https://www.mediawiki.org/wiki/ResourceLoader/Core_modules#mediawiki.jqueryMsg
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.mediawiki.org/wiki/ResourceLoader/Core_modules#mediawiki.jqueryMsg
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903774
reference_id 1903774
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903774
19
reference_url https://github.com/advisories/GHSA-4vr7-m8p8-434h
reference_id GHSA-4vr7-m8p8-434h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4vr7-m8p8-434h
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-25814, GHSA-4vr7-m8p8-434h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azup-qzq7-sbh6
3
url VCID-h8jw-brz8-hkfn
vulnerability_id VCID-h8jw-brz8-hkfn
summary 
MediaWiki Cross-site Scripting (XSS) vulnerability
An issue was discovered in MediaWiki 1.34.x before 1.34.3. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25812.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25812.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25812
reference_id
reference_type
scores
0
value 0.00371
scoring_system epss
scoring_elements 0.58937
published_at 2026-04-21T12:55:00Z
1
value 0.00371
scoring_system epss
scoring_elements 0.58958
published_at 2026-04-18T12:55:00Z
2
value 0.00371
scoring_system epss
scoring_elements 0.58954
published_at 2026-04-16T12:55:00Z
3
value 0.00371
scoring_system epss
scoring_elements 0.5892
published_at 2026-04-13T12:55:00Z
4
value 0.00371
scoring_system epss
scoring_elements 0.58939
published_at 2026-04-12T12:55:00Z
5
value 0.00371
scoring_system epss
scoring_elements 0.58957
published_at 2026-04-11T12:55:00Z
6
value 0.00371
scoring_system epss
scoring_elements 0.58938
published_at 2026-04-09T12:55:00Z
7
value 0.00371
scoring_system epss
scoring_elements 0.58933
published_at 2026-04-08T12:55:00Z
8
value 0.00371
scoring_system epss
scoring_elements 0.58881
published_at 2026-04-07T12:55:00Z
9
value 0.00371
scoring_system epss
scoring_elements 0.58817
published_at 2026-04-01T12:55:00Z
10
value 0.00371
scoring_system epss
scoring_elements 0.58913
published_at 2026-04-04T12:55:00Z
11
value 0.00371
scoring_system epss
scoring_elements 0.58892
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25812
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
10
reference_url https://gerrit.wikimedia.org/g/mediawiki/core/+/ad4a3ba45fb955aa8c0eb3c83809b16b40a498b9/includes/specials/SpecialContributions.php#592
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://gerrit.wikimedia.org/g/mediawiki/core/+/ad4a3ba45fb955aa8c0eb3c83809b16b40a498b9/includes/specials/SpecialContributions.php#592
11
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25812.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25812.yaml
12
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
14
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
15
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25812
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25812
17
reference_url https://phabricator.wikimedia.org/T255918
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T255918
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903767
reference_id 1903767
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903767
19
reference_url https://github.com/advisories/GHSA-rj9p-8jxj-2ch4
reference_id GHSA-rj9p-8jxj-2ch4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rj9p-8jxj-2ch4
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-25812, GHSA-rj9p-8jxj-2ch4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8jw-brz8-hkfn
4
url VCID-pm5t-23j4-6yh6
vulnerability_id VCID-pm5t-23j4-6yh6
summary 
MediaWiki Cross-site Scripting (XSS) vulnerability
An issue was discovered in MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). (When jqueryMsg is loaded, it correctly accepts only whitelisted tags in message contents, and escapes all parameters. Situations with an unloaded jqueryMsg are rare in practice, but can for example occur for Special:SpecialPages on a wiki with no extensions installed.)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25828.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25828.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25828
reference_id
reference_type
scores
0
value 0.00387
scoring_system epss
scoring_elements 0.5985
published_at 2026-04-21T12:55:00Z
1
value 0.00387
scoring_system epss
scoring_elements 0.59866
published_at 2026-04-18T12:55:00Z
2
value 0.00387
scoring_system epss
scoring_elements 0.59859
published_at 2026-04-16T12:55:00Z
3
value 0.00387
scoring_system epss
scoring_elements 0.59839
published_at 2026-04-12T12:55:00Z
4
value 0.00387
scoring_system epss
scoring_elements 0.59856
published_at 2026-04-11T12:55:00Z
5
value 0.00387
scoring_system epss
scoring_elements 0.59835
published_at 2026-04-09T12:55:00Z
6
value 0.00387
scoring_system epss
scoring_elements 0.59703
published_at 2026-04-01T12:55:00Z
7
value 0.00387
scoring_system epss
scoring_elements 0.59822
published_at 2026-04-13T12:55:00Z
8
value 0.00387
scoring_system epss
scoring_elements 0.5977
published_at 2026-04-07T12:55:00Z
9
value 0.00387
scoring_system epss
scoring_elements 0.59777
published_at 2026-04-02T12:55:00Z
10
value 0.00387
scoring_system epss
scoring_elements 0.59801
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25828
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25828.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25828.yaml
11
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
13
reference_url https://lists.wikimedia.org/pipermail/mediawiki-announce
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-announce
14
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
15
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25828
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25828
17
reference_url https://phabricator.wikimedia.org/T115888
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T115888
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903776
reference_id 1903776
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903776
19
reference_url https://github.com/advisories/GHSA-h8qx-mj6v-2934
reference_id GHSA-h8qx-mj6v-2934
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h8qx-mj6v-2934
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-25828, GHSA-h8qx-mj6v-2934
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pm5t-23j4-6yh6
5
url VCID-ujdn-y48t-pbch
vulnerability_id VCID-ujdn-y48t-pbch
summary 
MediaWiki Special:UserRights exposes the existence of hidden users
In MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3, Special:UserRights exposes the existence of hidden users.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25813.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25813.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25813
reference_id
reference_type
scores
0
value 0.00366
scoring_system epss
scoring_elements 0.58639
published_at 2026-04-18T12:55:00Z
1
value 0.00366
scoring_system epss
scoring_elements 0.58634
published_at 2026-04-16T12:55:00Z
2
value 0.00366
scoring_system epss
scoring_elements 0.5864
published_at 2026-04-11T12:55:00Z
3
value 0.00366
scoring_system epss
scoring_elements 0.58565
published_at 2026-04-07T12:55:00Z
4
value 0.00366
scoring_system epss
scoring_elements 0.58595
published_at 2026-04-04T12:55:00Z
5
value 0.00366
scoring_system epss
scoring_elements 0.58574
published_at 2026-04-02T12:55:00Z
6
value 0.00366
scoring_system epss
scoring_elements 0.58489
published_at 2026-04-01T12:55:00Z
7
value 0.00366
scoring_system epss
scoring_elements 0.586
published_at 2026-04-13T12:55:00Z
8
value 0.00366
scoring_system epss
scoring_elements 0.5862
published_at 2026-04-12T12:55:00Z
9
value 0.00366
scoring_system epss
scoring_elements 0.58623
published_at 2026-04-09T12:55:00Z
10
value 0.00366
scoring_system epss
scoring_elements 0.58616
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25813
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17367
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17368
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25812
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25813
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25814
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25827
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25828
10
reference_url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25813.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/FriendsOfPHP/security-advisories/blob/master/mediawiki/core/CVE-2020-25813.yaml
11
reference_url https://github.com/wikimedia/mediawiki
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/wikimedia/mediawiki
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RTTPZ7XMDS66I442OLLHXBDNP2LCBJU6
14
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048480.html
15
reference_url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.wikimedia.org/pipermail/mediawiki-l/2020-September/048488.html
16
reference_url https://meta.wikimedia.org/wiki/Special:UserRights
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://meta.wikimedia.org/wiki/Special:UserRights
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-25813
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-25813
18
reference_url https://phabricator.wikimedia.org/T232568
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://phabricator.wikimedia.org/T232568
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1903764
reference_id 1903764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1903764
20
reference_url https://github.com/advisories/GHSA-c4rj-wrmq-52rj
reference_id GHSA-c4rj-wrmq-52rj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c4rj-wrmq-52rj
fixed_packages
0
url pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie
1
url pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7831-8u7z-6fep
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-wktm-ya6k-v7dv
5
vulnerability VCID-x8t7-agtn-zudu
6
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie
3
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-buwp-69zb-93hs
1
vulnerability VCID-cbtm-g4t5-u3am
2
vulnerability VCID-d5vz-puw9-t7er
3
vulnerability VCID-kw32-af5a-hqg8
4
vulnerability VCID-q7k6-59z5-d7a7
5
vulnerability VCID-wktm-ya6k-v7dv
6
vulnerability VCID-x8t7-agtn-zudu
7
vulnerability VCID-xdct-ca96-3uat
8
vulnerability VCID-zmax-894d-5kfd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie
5
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kw32-af5a-hqg8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie
6
url pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2020-25813, GHSA-c4rj-wrmq-52rj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ujdn-y48t-pbch
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.0-1%3Fdistro=trixie