An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the ability to edit pages within the Widgets namespace could call any static function within any class (defined within PHP or MediaWiki) via a crafted HTML comment, related to a Smarty template. For example, a person in the Widget Editors group could use \MediaWiki\Shell\Shell::command within a comment.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-21T22:36:26

Updated: 2024-08-04T17:09:14.607Z

Reserved: 2020-12-21T00:00:00

Link: CVE-2020-35625

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-21T23:15:12.530

Modified: 2024-11-21T05:27:43.503

Link: CVE-2020-35625

cve-icon Redhat

No data.