Vulnerabilities > Mediawiki > Mediawiki > 1.34.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-03 | CVE-2020-10960 | Improper Encoding or Escaping of Output vulnerability in Mediawiki In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. | 5.0 |
2020-03-12 | CVE-2020-10534 | Improper Privilege Management vulnerability in Mediawiki In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. | 7.5 |