Description
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline.
Remediation
References
Related Vulnerabilities
PHP Use After Free Vulnerability (CVE-2014-3622)
Django Use of Hard-coded Credentials Vulnerability (CVE-2016-9013)
WordPress Plugin Duplicate Page Multiple Vulnerabilities (2.3)
Moodle Other Vulnerability (CVE-2007-1429)
JBoss Application Server Improper Privilege Management Vulnerability (CVE-2012-2312)