Description
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2528 Vulnerability (CVE-2019-2528)
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8419)
PHP Other Vulnerability (CVE-2002-0986)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42128)