Vulnerabilities > CVE-2020-25869 - Incorrect Authorization vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
mediawiki
fedoraproject
CWE-863

Summary

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.

Vulnerable Configurations

Part Description Count
Application
Mediawiki
367
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)