Description
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.
Remediation
References
Related Vulnerabilities
WordPress Plugin gboutique Local File Inclusion (1.3)
WordPress Plugin Import and export users and customers CSV Injection (1.16.3.5)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-1302)
Java Multiple Vulnerabilities (CVE-2018-13785)
Zope Web Application Server Other Vulnerability (CVE-2010-3198)