Description

MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.

Remediation

References

CVE-2013-6453

Related Vulnerabilities

WordPress Plugin Google Maps in Posts Cross-Site Scripting (1.5.3)

WordPress Plugin Visual Form Builder Cross-Site Scripting (2.8.4)

WordPress Plugin ClickDesk Live Support-Live Chat-Help Desk Cross-Site Scripting (4.2)

Moodle Improper Access Control Vulnerability (CVE-2016-3733)

TYPO3 Other Vulnerability (CVE-2009-3630)

Severity

High

Classification

CVE-2013-6453 CWE-20

Tags

Missing Update Known Vulnerabilities