1946690 – (CVE-2021-30154) CVE-2021-30154 mediawiki: XSS due to unescaped messages used in HTML on Special:NewFiles

Bug 1946690 (CVE-2021-30154) - CVE-2021-30154 mediawiki: XSS due to unescaped messages used in HTML on Special:NewFiles

Summary: CVE-2021-30154 mediawiki: XSS due to unescaped messages used in HTML on Speci...

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2021-30154
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1946691 1947340 1947417 1947418
Blocks:	1946702
TreeView+	depends on / blocked

Reported:	2021-04-06 16:52 UTC by Guilherme de Almeida Suckevicz
Modified:	2021-10-28 08:49 UTC (History)
CC List:	11 users (show)
Fixed In Version:	mediawiki 1.31.12, mediawiki 1.35.2
Clone Of:
Environment:
Last Closed:	2021-10-28 08:49:23 UTC
Embargoed:

Attachments	(Terms of Use)

Description Guilherme de Almeida Suckevicz 2021-04-06 16:52:22 UTC

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics-header-* messages are output in HTML unescaped, leading to XSS.

Reference:
https://phabricator.wikimedia.org/T278014

Comment 2 Przemyslaw Roguski 2021-04-07 13:12:12 UTC

External References:

https://phabricator.wikimedia.org/T278014

Comment 3 Przemyslaw Roguski 2021-04-08 09:15:36 UTC

Statement:

The mediawiki package was removed from OpenShift Container Platform (OCP) in version 4.3, therefore for OCP 4 has been marked as out of support scope.

Note You need to log in before you can comment on or make changes to this bug.