CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Widgets Project: >> Widgets >> 1.3.0 Security Vulnerabilities

CVE-2020-9382

An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki's {{#widget:}} parser function.

CVSS Score

5.4

EPSS Score

0.004

Published

2020-02-24

Page 1

Vulnerabilities

Vulnerable Software

Widgets Project: >> Widgets >> 1.3.0 Security Vulnerabilities

Products

Pricing

Contact Us