5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-10960

GHSA ID

GHSA-pfm2-mqwj-ggm5

EPSS Score

0.52082%

CWE

CWE-74

Published

5/24/2022

Updated

4/1/2024

KEV Status

Technology

PHP

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-10960

CVE-2020-10960: MediaWiki makeCollapsible allows applying event handler to any CSS selector

In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event handler to any Cascading Style Sheets (CSS) selector. There is no known way to exploit this for cross-site scripting (XSS).

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-10960

GHSA ID

GHSA-pfm2-mqwj-ggm5

EPSS Score

0.52082%

CWE

CWE-74

Published

5/24/2022

Updated

4/1/2024

KEV Status

Technology

PHP

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
mediawiki/core	composer	>= 1.31.0, < 1.31.7	1.31.7
mediawiki/core	composer	>= 1.33.0, < 1.33.3	1.33.3
mediawiki/core	composer	>= 1.34.0, < 1.34.1	1.34.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability occurs in the jquery.makeCollapsible implementation where user-provided CSS selectors (via 'id' attributes) were directly used to attach event handlers. The Phabricator task T246602 shows the fix involved adding $.escapeSelector to sanitize inputs, confirming the function's improper handling of selectors. The CWE-74 (Injection) and CWE-116 (Improper Encoding) mappings align with unescaped selector usage in DOM manipulation functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In M**i*Wiki ***or* *.**.*, us*rs **n *** v*rious **s***in* Styl* S***ts (*SS) *l*ss*s (w*i** **n *****t w**t *ont*nt is s*own or *i***n in t** us*r int*r****) to *r*itr*ry *OM no**s vi* *TML *ont*nt wit*in * M**i*Wiki p***. T*is o**urs ****us* jqu*r

Reasoning

T** vuln*r**ility o**urs in t** `jqu*ry.m*k**oll*psi*l*` impl*m*nt*tion w**r* us*r-provi*** *SS s*l**tors (vi* 'i*' *ttri*ut*s) w*r* *ir**tly us** to *tt*** *v*nt **n*l*rs. T** P***ri**tor t*sk T****** s*ows t** *ix involv** ***in* `$.*s**p*S*l**tor`

5.3

Basic Information

Concerned about an active attack path?

CVE-2020-10960: MediaWiki makeCollapsible allows applying event handler to any CSS selector

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI